diff --git a/mbadmin.jps b/mbadmin.jps index eb84c1e..37181d6 100644 --- a/mbadmin.jps +++ b/mbadmin.jps @@ -1,640 +1,645 @@ -type: update -id: mbadmin -version: '2.5' -name: MB Administration -description: Mighty Box Control Panel Administration - -targetNodes: - nodeGroup: cp - -onInstall: - - cmd[cp]: - user: root - commands: - # Ensure all directories exist - - mkdir -p /home/litespeed/mbmanager - - mkdir -p /home/litespeed/mbmanager/relay - - mkdir -p /home/litespeed/mbmanager/ssl-manager - # Download main scripts - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/litespeed_fetch_settings.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/litespeed_update_settings.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/update_opcache_settings.sh - - chmod +x /home/litespeed/mbmanager/*.sh - # Download relay scripts - - cd /home/litespeed/mbmanager/relay - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/check_relay_installation.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/check_relay_status.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/disable_relay.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/enable_relay.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/flush_caches.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/install_relay_ocp.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/uninstall_relay.sh - - chmod +x /home/litespeed/mbmanager/relay/*.sh - # Download SSL manager script - - cd /home/litespeed/mbmanager/ssl-manager - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/ssl-manager/ssl_manager.sh - - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/ssl-manager/ipchecker.sh - - chmod +x /home/litespeed/mbmanager/ssl-manager/*.sh - # Install Certbot for AlmaLinux - - dnf install -y certbot - - dnf install -y python3-certbot-dns-cloudflare - -menu: - - confirmText: Are you sure you want to execute this WP-CLI command? - loadingText: Executing WP-CLI command... - caption: Execute WP-CLI Command - action: dynamic_wp_cli - settings: wpCliConfig - successText: "${response.out}" - - confirmText: Are you sure you want to sync directories using rsync? - loadingText: Syncing directories... - caption: Sync Directories - action: rsync_directories - settings: rsyncConfig - successText: "Directory synchronized successfully from '${settings.old_directory}' to '/var/www/webroot/ROOT/'." - - confirmText: Are you sure you want to check relay installation? - loadingText: Checking relay installation... - caption: Check Relay Installation - action: check_relay_installation - successText: "${response.out}" - - confirmText: Are you sure you want to check relay status? - loadingText: Checking relay status... - caption: Check Relay Status - action: check_relay_status - successText: "${response.out}" - - confirmText: Are you sure you want to disable the relay? - loadingText: Disabling relay... - caption: Disable Relay - action: disable_relay - successText: "${response.out}" - - confirmText: Are you sure you want to enable the relay? - loadingText: Enabling relay... - caption: Enable Relay - action: enable_relay - successText: "${response.out}" - - confirmText: Are you sure you want to install Relay and OCP? - loadingText: Installing Relay and OCP - caption: Install Relay - action: install_relay - successText: "${response.out}" - - confirmText: Are you sure you want to flush keys for Redis and OCP? - loadingText: Clearing Keys - caption: Flush Keys - action: flush_keys - successText: "${response.out}" - - confirmText: Check the Redis Status? - loadingText: Checking Redis - caption: Check Redis Status - action: redis_status - successText: "${response.out}" - - confirmText: Are you sure you want to disable Redis? - loadingText: Disabling Redis - caption: Disable Redis - action: redis_disable - successText: "${response.out}" - - confirmText: Enable Redis? - loadingText: Enabling Redis - caption: Enable Redis - action: redis_enable - successText: "${response.out}" - - confirmText: Are you sure you want to flush keys for Redis? - loadingText: Clearing Keys - caption: Flush Keys - action: redis_clear_keys - successText: "${response.out}" - - confirmText: Do you want to export the WordPress database? - loadingText: Exporting WordPress Database... - caption: Export WordPress DB - action: export_wp_db - settings: dbExportConfig - successText: "Database exported successfully to /var/www/webroot/ROOT/${settings.db_filename}.sql" - - confirmText: Are you sure you want to import the WordPress database? - loadingText: Importing WordPress Database... - caption: Import WordPress DB - action: import_wp_db - settings: dbImportConfig - successText: "${response.out}" - - confirmText: Are you sure you want to perform a search and replace? - loadingText: Performing Search and Replace... - caption: Search and Replace URL - action: search_replace_urls - settings: searchReplaceConfig - successText: "Search and Replace completed successfully for '${settings.old_url}' with '${settings.new_url}' in all tables." - - confirmText: Are you sure you want to prepare for DB import? - loadingText: Preparing for DB import... - caption: DB Import Preparation - action: db_import_preparation - successText: "${response.out}" - - confirmText: Are you sure you want to issue an SSL certificate for this domain? - loadingText: Issuing SSL Certificate... - caption: Issue SSL Certificate - action: issue_ssl_cert - settings: sslCertConfig - successText: "SSL certificate for '${settings.domain}' has been issued successfully." - - confirmText: Check if the domain is resolving to the expected IP address? - loadingText: Checking Domain... - caption: Check Domain IP - action: check_domain_ip - settings: checkDomainConfig - successText: "${response.out}" - - confirmText: Are you sure you want to remove the SSL certificate for this domain? - loadingText: Removing SSL Certificate... - caption: Remove SSL Certificate - action: remove_ssl_cert - settings: sslRemoveConfig - successText: "SSL certificate for '${settings.domain}' has been successfully removed." - -settings: - checkDomainConfig: - submitUnchanged: true - fields: - - name: domain - type: text - caption: Domain Name - required: true - - name: public_ip - type: text - caption: Public IP Address - required: true - wpCliConfig: - submitUnchanged: true - fields: - - name: wp_cli_command - type: text - caption: WP-CLI Command (without 'wp' prefix) - default: "help" - rsyncConfig: - submitUnchanged: true - fields: - - name: old_directory - type: text - caption: Source Directory - required: true - searchReplaceConfig: - submitUnchanged: true - fields: - - name: old_url - type: text - caption: Old URL - required: true - - name: new_url - type: text - caption: New URL - required: true - dbImportConfig: - submitUnchanged: true - fields: - - name: db_filename - type: text - caption: Import DB Filename (without extension) - default: "wordpress_db" - dbExportConfig: - submitUnchanged: true - fields: - - name: db_filename - type: text - caption: Exported DB Filename (without extension) - default: "wordpress_db" - opcacheConfig: - submitUnchanged: true - fields: - - name: memory_consumption - type: text - caption: OPCache Memory Consumption (MB) - default: "128" - - name: interned_strings_buffer - type: text - caption: Interned Strings Buffer (MB) - default: "8" - - name: max_accelerated_files - type: text - caption: Max Accelerated Files - default: "10000" - - name: revalidate_freq - type: text - caption: Revalidate Frequency (Seconds) - default: "2" - litespeedTTL: - submitUnchanged: true - fields: - - name: sizettl - type: text - caption: Public Page Cache TTL - default: "604800" - cacheExcConfig: - submitUnchanged: true - fields: - - name: cache_exc_paths - type: text - caption: Cache Exclusion Paths - default: "/path-to-exclude" - litespeedConfig: - submitUnchanged: true - fields: - - name: TTL_PUB - type: text - caption: TTL Public (Seconds) - default: "3600" - - name: TTL_PRIV - type: text - caption: TTL Private (Seconds) - default: "1800" - - name: TTL_FRONTPAGE - type: text - caption: TTL Frontpage (Seconds) - default: "900" - - name: TTL_FEED - type: text - caption: TTL Feed (Seconds) - default: "7200" - sslCertConfig: - submitUnchanged: true - fields: - - name: public_ip - type: text - caption: Public IP Address - required: true - - name: domain - type: text - caption: Domain Name - required: true - - name: email - type: text - caption: Email Address - required: true - sslRemoveConfig: - submitUnchanged: true - fields: - - name: domain - type: text - caption: Domain Name - required: true - - name: confirm - type: checkbox - caption: I confirm I want to remove this certificate - value: false - -actions: - dynamic_wp_cli: - - cmd[cp]: - user: litespeed - commands: - - cd /var/www/webroot/ROOT/ - - wp ${settings.wp_cli_command} - - return: - type: info - message: "${response.out}" - rsync_directories: - - cmd[cp]: - commands: - - rsync -avz "/${settings.old_directory}/" /var/www/webroot/ROOT/ - - return: - type: info - message: "Directory synchronized successfully from '${settings.old_directory}' to '/var/www/webroot/ROOT/'." - search_replace_urls: - - cmd[cp]: - user: litespeed - commands: - - cd /var/www/webroot/ROOT/ - - /home/litespeed/bin/wp search-replace '${settings.old_url}' '${settings.new_url}' --all-tables - - /home/litespeed/bin/wp transient delete --all - - /home/litespeed/bin/wp cache flush - - return: - type: info - message: "Search and Replace completed successfully for '${settings.old_url}' with '${settings.new_url}' in all tables. Deleted Transients and Flushed WP Cache" - import_wp_db: - - cmd[cp]: - user: root - commands: - # Check if WP-CLI is installed - - if [ ! -f /home/litespeed/bin/wp ]; then - echo "WP-CLI not found. Installing..."; - curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; - chmod +x wp-cli.phar; - mkdir -p /home/litespeed/bin; - mv wp-cli.phar /home/litespeed/bin/wp; - export PATH=$PATH:/home/litespeed/bin; - else - echo "WP-CLI is already installed."; - fi; - # Verify that WP-CLI is now available in the litespeed user's PATH and run the WP-CLI command - - cd /var/www/webroot/ROOT/ - - /home/litespeed/bin/wp db import /var/www/webroot/ROOT/${settings.db_filename}.sql --allow-root - - return: - type: info - message: "${response.out}" - - export_wp_db: - - cmd[cp]: - user: litespeed - commands: - - cd /var/www/webroot/ROOT/ - - wp db export /var/www/webroot/ROOT/${settings.db_filename}.sql - - return: - type: info - message: "Database exported successfully to /var/www/webroot/ROOT/${settings.db_filename}.sql" - enable_opcache: - - cmd[cp]: - user: root - commands: - - OP_INI='/usr/local/lsws/lsphp/etc/php.d/10-opcache.ini' - - sed -i 's/opcache.enable=0/opcache.enable=1/' $OP_INI - - restartNodes: - - nodeGroup: "cp" - reboot: true - - return: enableSuccess - - disable_opcache: - - cmd[cp]: - user: root - commands: - - OP_INI='/usr/local/lsws/lsphp/etc/php.d/10-opcache.ini' - - sed -i 's/opcache.enable=1/opcache.enable=0/' $OP_INI - - restartNodes: - - nodeGroup: "cp" - reboot: true - - return: disableSuccess - - clear_opcache: - - cmd[cp]: - user: root - commands: - - echo "" | php - - return: clearSuccess - - opcache_status: - - cmd[cp]: - user: root - commands: - - echo " opcache_get_status(false)['opcache_enabled']]); ?>" | php - - return: - type: info - message: "${response.out}" - - opcache_summary: - - cmd[cp]: - user: root - commands: - - echo " \$status['memory_usage'], 'opcache_statistics' => \$status['opcache_statistics']]); ?>" | php - - return: - type: info - message: "${response.out}" - - opcache_statistics: - - cmd[cp]: - user: root - commands: - - echo " \$status['scripts'], 'opcache_statistics' => \$status['opcache_statistics'], 'jit' => \$status['jit']]); ?>" | php - - return: - type: info - message: "${response.out}" - opcache_fetch_settings: - - cmd[cp]: - user: root - commands: - - echo " \$ini['opcache.memory_consumption'], 'interned_strings_buffer' => \$ini['opcache.interned_strings_buffer'], 'max_accelerated_files' => \$ini['opcache.max_accelerated_files'], 'revalidate_freq' => \$ini['opcache.revalidate_freq']]); ?>" | php - - return: - type: info - message: "${response.out}" - opcache_update_settings: - - cmd[cp]: - user: root - commands: - - bash /home/litespeed/mbmanager/update_opcache_settings.sh "${settings.memory_consumption}" "${settings.interned_strings_buffer}" "${settings.max_accelerated_files}" "${settings.revalidate_freq}" - - systemctl restart lsws - - restartNodes: - - nodeGroup: "cp" - reboot: true - - return: - type: info - message: "OPCache settings updated successfully." - litespeed_status: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option get cache - - return: - type: info - message: "${response.out}" - litespeed_enable: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option set cache 1 - - return: - type: info - message: "LiteSpeed Enabled." - litespeed_disable: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option set cache 0 - - return: - type: info - message: "LiteSpeed Disabled." - litespeed_purgeall: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-purge all - - return: - type: info - message: "LiteSpeed Purged Cache." - litespeed_ver: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option get _version - - return: - type: info - message: "${response.out}" - litespeed_ttlpub: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option get cache-ttl_pub - - return: - type: info - message: "${response.out}" - litespeed_set_ttlpub: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option set cache-ttl_pub "${settings.sizettl}" - - return: - type: info - message: "${response.out}" - update_cache_exc: - - cmd[cp]: - commands: - - wp --path=/var/www/webroot/ROOT litespeed-option set cache-exc "${settings.cache_exc_paths}" - - return: - type: info - message: "${response.out}" - get_litespeed_ttl_values: - - cmd[cp]: - commands: - - bash /home/jelastic/mbmanager/litespeed_fetch_settings.sh - - return: - type: info - message: "${response.out}" - litespeed_update_settings: - - cmd[cp]: - commands: - - bash /home/jelastic/mbmanager/litespeed_update_settings.sh "${settings.TTL_PUB}" "${settings.TTL_PRIV}" "${settings.TTL_FRONTPAGE}" "${settings.TTL_FEED}" - - restartNodes: - - nodeGroup: "cp" - reboot: true - - return: - type: info - message: "LiteSpeed cache settings updated successfully." - check_relay_installation: - - cmd[cp]: - user: root - commands: - - bash /home/jelastic/mbmanager/relay/check_relay_installation.sh - - return: - type: info - message: "${response.out}" - check_relay_status: - - cmd[cp]: - user: root - commands: - - bash /home/jelastic/mbmanager/relay/check_relay_status.sh - - return: - type: info - message: "${response.out}" - disable_relay: - - cmd[cp]: - user: root - commands: - - bash /home/jelastic/mbmanager/relay/disable_relay.sh - - return: - type: info - message: "${response.out}" - enable_relay: - - cmd[cp]: - user: root - commands: - - bash /home/jelastic/mbmanager/relay/enable_relay.sh - - return: - type: info - message: "${response.out}" - install_relay: - - cmd[cp]: - commands: - - bash /home/jelastic/mbmanager/relay/install_relay_ocp.sh - - return: - type: info - message: "${response.out}" - flush_keys: - - cmd[cp]: - commands: - - bash /home/jelastic/mbmanager/relay/flush_caches.sh - - return: - type: info - message: "${response.out}" - redis_status: - - cmd[cp]: - commands: - - sudo systemctl list-units --type=service | grep redis - - return: - type: info - message: "${response.out}" - redis_disable: - - cmd[cp]: - commands: - - sudo systemctl stop redis - - return: - type: info - message: "Redis has been stopped successfully" - redis_enable: - - cmd[cp]: - commands: - - sudo systemctl restart redis - - return: - type: info - message: "Redis has been successfully restarted" - redis_clear_keys: - - cmd[cp]: - commands: - - redis-cli -s /var/run/redis/redis.sock FLUSHALL - - return: - type: info - message: "${response.out}" - db_import_preparation: - - cmd[cp]: - user: root - commands: - - if [ ! -f /home/litespeed/mbmanager/dbPreparation.sh ]; then - echo "dbPreparation.sh not found. Downloading the script..."; - mkdir -p /home/litespeed/mbmanager; - curl -o /home/litespeed/mbmanager/dbPreparation.sh https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/dbPreparation.sh; - chmod +x /home/litespeed/mbmanager/dbPreparation.sh; - else - echo "dbPreparation.sh already exists. Running the script..."; - fi; - - /home/litespeed/mbmanager/dbPreparation.sh - - return: - type: info - message: "${response.out}" - issue_ssl_cert: - - cmd[cp]: - user: root - commands: - - bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --public-ip="${settings.public_ip}" --domain="${settings.domain}" --email="${settings.email}" - - return: - type: info - message: "SSL certificate for '${settings.domain}' has been issued successfully." - check_domain_ip: - - cmd[cp]: - user: root - commands: - - bash /home/litespeed/mbmanager/ssl-manager/ipchecker.sh -d "${settings.domain}" -i "${settings.public_ip}" - - return: - type: info - message: "${response.out}" - remove_ssl_cert: - - cmd[cp]: - user: root - commands: - - test "${settings.confirm}" = "true" || { echo "Confirmation checkbox must be checked to proceed with certificate removal."; exit 1; } - - bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --domain="${settings.domain}" --remove-cert=yes --confirm=yes - - return: - type: info - message: "${response.out}" - -responses: - enableSuccess: - type: success - message: "OPCache enabled successfully." - disableSuccess: - type: success - message: "OPCache disabled successfully." - clearSuccess: - type: success - message: "OPCache cleared successfully." - -buttons: - - settings: opcacheConfig - action: opcache_update_settings - caption: Update OPCache Settings - submitButtonText: Update OpCache - - settings: litespeedTTL - action: litespeed_set_ttlpub - caption: Change TTL for cache-ttl_pub in seconds - submitButtonText: Update TTL - - settings: cacheExcConfig - action: update_cache_exc - caption: Update Cache Exclusion Paths - submitButtonText: Update Paths - - settings: litespeedConfig - action: litespeed_update_settings - caption: Update LiteSpeed Cache Settings - submitButtonText: Update Cache Settings - -onUninstall: - - cmd[cp]: - user: root - commands: - # Remove all installed scripts - - rm -rf /home/litespeed/mbmanager/ssl-manager/* - - rm -rf /home/litespeed/mbmanager/relay/* - - rm -rf /home/litespeed/mbmanager/* - # Remove the parent directory if empty - - rmdir --ignore-fail-on-non-empty /home/litespeed/mbmanager || true - # Uninstall Certbot if no longer needed +type: update +id: mbadmin +version: '2.5' +name: MB Administration +description: Mighty Box Control Panel Administration + +targetNodes: + nodeGroup: cp + +onInstall: + - cmd[cp]: + user: root + commands: + # Ensure all directories exist + - mkdir -p /home/litespeed/mbmanager + - mkdir -p /home/litespeed/mbmanager/relay + - mkdir -p /home/litespeed/mbmanager/ssl-manager + # Download main scripts + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/litespeed_fetch_settings.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/litespeed_update_settings.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/update_opcache_settings.sh + - chmod +x /home/litespeed/mbmanager/*.sh + # Download relay scripts + - cd /home/litespeed/mbmanager/relay + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/check_relay_installation.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/check_relay_status.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/disable_relay.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/enable_relay.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/flush_caches.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/install_relay_ocp.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/relay/uninstall_relay.sh + - chmod +x /home/litespeed/mbmanager/relay/*.sh + # Download SSL manager script + - cd /home/litespeed/mbmanager/ssl-manager + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/ssl-manager/ssl_manager.sh + - curl -OL https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/ssl-manager/ipchecker.sh + - chmod +x /home/litespeed/mbmanager/ssl-manager/*.sh + # Install Certbot for AlmaLinux + - dnf install -y certbot + - dnf install -y python3-certbot-dns-cloudflare + +menu: + - confirmText: Are you sure you want to execute this WP-CLI command? + loadingText: Executing WP-CLI command... + caption: Execute WP-CLI Command + action: dynamic_wp_cli + settings: wpCliConfig + successText: "${response.out}" + - confirmText: Are you sure you want to sync directories using rsync? + loadingText: Syncing directories... + caption: Sync Directories + action: rsync_directories + settings: rsyncConfig + successText: "Directory synchronized successfully from '${settings.old_directory}' to '/var/www/webroot/ROOT/'." + - confirmText: Are you sure you want to check relay installation? + loadingText: Checking relay installation... + caption: Check Relay Installation + action: check_relay_installation + successText: "${response.out}" + - confirmText: Are you sure you want to check relay status? + loadingText: Checking relay status... + caption: Check Relay Status + action: check_relay_status + successText: "${response.out}" + - confirmText: Are you sure you want to disable the relay? + loadingText: Disabling relay... + caption: Disable Relay + action: disable_relay + successText: "${response.out}" + - confirmText: Are you sure you want to enable the relay? + loadingText: Enabling relay... + caption: Enable Relay + action: enable_relay + successText: "${response.out}" + - confirmText: Are you sure you want to install Relay and OCP? + loadingText: Installing Relay and OCP + caption: Install Relay + action: install_relay + successText: "${response.out}" + - confirmText: Are you sure you want to flush keys for Redis and OCP? + loadingText: Clearing Keys + caption: Flush Keys + action: flush_keys + successText: "${response.out}" + - confirmText: Check the Redis Status? + loadingText: Checking Redis + caption: Check Redis Status + action: redis_status + successText: "${response.out}" + - confirmText: Are you sure you want to disable Redis? + loadingText: Disabling Redis + caption: Disable Redis + action: redis_disable + successText: "${response.out}" + - confirmText: Enable Redis? + loadingText: Enabling Redis + caption: Enable Redis + action: redis_enable + successText: "${response.out}" + - confirmText: Are you sure you want to flush keys for Redis? + loadingText: Clearing Keys + caption: Flush Keys + action: redis_clear_keys + successText: "${response.out}" + - confirmText: Do you want to export the WordPress database? + loadingText: Exporting WordPress Database... + caption: Export WordPress DB + action: export_wp_db + settings: dbExportConfig + successText: "Database exported successfully to /var/www/webroot/ROOT/${settings.db_filename}.sql" + - confirmText: Are you sure you want to import the WordPress database? + loadingText: Importing WordPress Database... + caption: Import WordPress DB + action: import_wp_db + settings: dbImportConfig + successText: "${response.out}" + - confirmText: Are you sure you want to perform a search and replace? + loadingText: Performing Search and Replace... + caption: Search and Replace URL + action: search_replace_urls + settings: searchReplaceConfig + successText: "Search and Replace completed successfully for '${settings.old_url}' with '${settings.new_url}' in all tables." + - confirmText: Are you sure you want to prepare for DB import? + loadingText: Preparing for DB import... + caption: DB Import Preparation + action: db_import_preparation + successText: "${response.out}" + - confirmText: Are you sure you want to issue an SSL certificate for this domain? + loadingText: Issuing SSL Certificate... + caption: Issue SSL Certificate + action: issue_ssl_cert + settings: sslCertConfig + successText: "SSL certificate for '${settings.domain}' has been issued successfully." + - confirmText: Check if the domain is resolving to the expected IP address? + loadingText: Checking Domain... + caption: Check Domain IP + action: check_domain_ip + settings: checkDomainConfig + successText: "${response.out}" + - confirmText: Are you sure you want to remove the SSL certificate for this domain? + loadingText: Removing SSL Certificate... + caption: Remove SSL Certificate + action: remove_ssl_cert + settings: sslRemoveConfig + successText: "SSL certificate for '${settings.domain}' has been successfully removed." + +settings: + checkDomainConfig: + submitUnchanged: true + fields: + - name: domain + type: text + caption: Domain Name + required: true + - name: public_ip + type: text + caption: Public IP Address + required: true + wpCliConfig: + submitUnchanged: true + fields: + - name: wp_cli_command + type: text + caption: WP-CLI Command (without 'wp' prefix) + default: "help" + rsyncConfig: + submitUnchanged: true + fields: + - name: old_directory + type: text + caption: Source Directory + required: true + searchReplaceConfig: + submitUnchanged: true + fields: + - name: old_url + type: text + caption: Old URL + required: true + - name: new_url + type: text + caption: New URL + required: true + dbImportConfig: + submitUnchanged: true + fields: + - name: db_filename + type: text + caption: Import DB Filename (without extension) + default: "wordpress_db" + dbExportConfig: + submitUnchanged: true + fields: + - name: db_filename + type: text + caption: Exported DB Filename (without extension) + default: "wordpress_db" + opcacheConfig: + submitUnchanged: true + fields: + - name: memory_consumption + type: text + caption: OPCache Memory Consumption (MB) + default: "128" + - name: interned_strings_buffer + type: text + caption: Interned Strings Buffer (MB) + default: "8" + - name: max_accelerated_files + type: text + caption: Max Accelerated Files + default: "10000" + - name: revalidate_freq + type: text + caption: Revalidate Frequency (Seconds) + default: "2" + litespeedTTL: + submitUnchanged: true + fields: + - name: sizettl + type: text + caption: Public Page Cache TTL + default: "604800" + cacheExcConfig: + submitUnchanged: true + fields: + - name: cache_exc_paths + type: text + caption: Cache Exclusion Paths + default: "/path-to-exclude" + litespeedConfig: + submitUnchanged: true + fields: + - name: TTL_PUB + type: text + caption: TTL Public (Seconds) + default: "3600" + - name: TTL_PRIV + type: text + caption: TTL Private (Seconds) + default: "1800" + - name: TTL_FRONTPAGE + type: text + caption: TTL Frontpage (Seconds) + default: "900" + - name: TTL_FEED + type: text + caption: TTL Feed (Seconds) + default: "7200" + sslCertConfig: + submitUnchanged: true + fields: + - name: public_ip + type: text + caption: Public IP Address + required: true + - name: domain + type: text + caption: Domain Name + required: true + - name: email + type: text + caption: Email Address + required: true + sslRemoveConfig: + submitUnchanged: true + fields: + - name: domain + type: text + caption: Domain Name + required: true + - name: confirm + type: checkbox + caption: I confirm I want to remove this certificate + value: false + +actions: + dynamic_wp_cli: + - cmd[cp]: + user: litespeed + commands: + - cd /var/www/webroot/ROOT/ + - wp ${settings.wp_cli_command} + - return: + type: info + message: "${response.out}" + rsync_directories: + - cmd[cp]: + commands: + - rsync -avz "/${settings.old_directory}/" /var/www/webroot/ROOT/ + - return: + type: info + message: "Directory synchronized successfully from '${settings.old_directory}' to '/var/www/webroot/ROOT/'." + search_replace_urls: + - cmd[cp]: + user: litespeed + commands: + - cd /var/www/webroot/ROOT/ + - /home/litespeed/bin/wp search-replace '${settings.old_url}' '${settings.new_url}' --all-tables + - /home/litespeed/bin/wp transient delete --all + - /home/litespeed/bin/wp cache flush + - return: + type: info + message: "Search and Replace completed successfully for '${settings.old_url}' with '${settings.new_url}' in all tables. Deleted Transients and Flushed WP Cache" + import_wp_db: + - cmd[cp]: + user: root + commands: + # Check if WP-CLI is installed + - if [ ! -f /home/litespeed/bin/wp ]; then + echo "WP-CLI not found. Installing..."; + curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar; + chmod +x wp-cli.phar; + mkdir -p /home/litespeed/bin; + mv wp-cli.phar /home/litespeed/bin/wp; + export PATH=$PATH:/home/litespeed/bin; + else + echo "WP-CLI is already installed."; + fi; + # Verify that WP-CLI is now available in the litespeed user's PATH and run the WP-CLI command + - cd /var/www/webroot/ROOT/ + - /home/litespeed/bin/wp db import /var/www/webroot/ROOT/${settings.db_filename}.sql --allow-root + - return: + type: info + message: "${response.out}" + + export_wp_db: + - cmd[cp]: + user: litespeed + commands: + - cd /var/www/webroot/ROOT/ + - wp db export /var/www/webroot/ROOT/${settings.db_filename}.sql + - return: + type: info + message: "Database exported successfully to /var/www/webroot/ROOT/${settings.db_filename}.sql" + enable_opcache: + - cmd[cp]: + user: root + commands: + - OP_INI='/usr/local/lsws/lsphp/etc/php.d/10-opcache.ini' + - sed -i 's/opcache.enable=0/opcache.enable=1/' $OP_INI + - restartNodes: + - nodeGroup: "cp" + reboot: true + - return: enableSuccess + + disable_opcache: + - cmd[cp]: + user: root + commands: + - OP_INI='/usr/local/lsws/lsphp/etc/php.d/10-opcache.ini' + - sed -i 's/opcache.enable=1/opcache.enable=0/' $OP_INI + - restartNodes: + - nodeGroup: "cp" + reboot: true + - return: disableSuccess + + clear_opcache: + - cmd[cp]: + user: root + commands: + - echo "" | php + - return: clearSuccess + + opcache_status: + - cmd[cp]: + user: root + commands: + - echo " opcache_get_status(false)['opcache_enabled']]); ?>" | php + - return: + type: info + message: "${response.out}" + + opcache_summary: + - cmd[cp]: + user: root + commands: + - echo " \$status['memory_usage'], 'opcache_statistics' => \$status['opcache_statistics']]); ?>" | php + - return: + type: info + message: "${response.out}" + + opcache_statistics: + - cmd[cp]: + user: root + commands: + - echo " \$status['scripts'], 'opcache_statistics' => \$status['opcache_statistics'], 'jit' => \$status['jit']]); ?>" | php + - return: + type: info + message: "${response.out}" + opcache_fetch_settings: + - cmd[cp]: + user: root + commands: + - echo " \$ini['opcache.memory_consumption'], 'interned_strings_buffer' => \$ini['opcache.interned_strings_buffer'], 'max_accelerated_files' => \$ini['opcache.max_accelerated_files'], 'revalidate_freq' => \$ini['opcache.revalidate_freq']]); ?>" | php + - return: + type: info + message: "${response.out}" + opcache_update_settings: + - cmd[cp]: + user: root + commands: + - bash /home/litespeed/mbmanager/update_opcache_settings.sh "${settings.memory_consumption}" "${settings.interned_strings_buffer}" "${settings.max_accelerated_files}" "${settings.revalidate_freq}" + - systemctl restart lsws + - restartNodes: + - nodeGroup: "cp" + reboot: true + - return: + type: info + message: "OPCache settings updated successfully." + litespeed_status: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option get cache + - return: + type: info + message: "${response.out}" + litespeed_enable: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option set cache 1 + - return: + type: info + message: "LiteSpeed Enabled." + litespeed_disable: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option set cache 0 + - return: + type: info + message: "LiteSpeed Disabled." + litespeed_purgeall: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-purge all + - return: + type: info + message: "LiteSpeed Purged Cache." + litespeed_ver: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option get _version + - return: + type: info + message: "${response.out}" + litespeed_ttlpub: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option get cache-ttl_pub + - return: + type: info + message: "${response.out}" + litespeed_set_ttlpub: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option set cache-ttl_pub "${settings.sizettl}" + - return: + type: info + message: "${response.out}" + update_cache_exc: + - cmd[cp]: + commands: + - wp --path=/var/www/webroot/ROOT litespeed-option set cache-exc "${settings.cache_exc_paths}" + - return: + type: info + message: "${response.out}" + get_litespeed_ttl_values: + - cmd[cp]: + commands: + - bash /home/jelastic/mbmanager/litespeed_fetch_settings.sh + - return: + type: info + message: "${response.out}" + litespeed_update_settings: + - cmd[cp]: + commands: + - bash /home/jelastic/mbmanager/litespeed_update_settings.sh "${settings.TTL_PUB}" "${settings.TTL_PRIV}" "${settings.TTL_FRONTPAGE}" "${settings.TTL_FEED}" + - restartNodes: + - nodeGroup: "cp" + reboot: true + - return: + type: info + message: "LiteSpeed cache settings updated successfully." + check_relay_installation: + - cmd[cp]: + user: root + commands: + - bash /home/jelastic/mbmanager/relay/check_relay_installation.sh + - return: + type: info + message: "${response.out}" + check_relay_status: + - cmd[cp]: + user: root + commands: + - bash /home/jelastic/mbmanager/relay/check_relay_status.sh + - return: + type: info + message: "${response.out}" + disable_relay: + - cmd[cp]: + user: root + commands: + - bash /home/jelastic/mbmanager/relay/disable_relay.sh + - return: + type: info + message: "${response.out}" + enable_relay: + - cmd[cp]: + user: root + commands: + - bash /home/jelastic/mbmanager/relay/enable_relay.sh + - return: + type: info + message: "${response.out}" + install_relay: + - cmd[cp]: + commands: + - bash /home/jelastic/mbmanager/relay/install_relay_ocp.sh + - return: + type: info + message: "${response.out}" + flush_keys: + - cmd[cp]: + commands: + - bash /home/jelastic/mbmanager/relay/flush_caches.sh + - return: + type: info + message: "${response.out}" + redis_status: + - cmd[cp]: + commands: + - sudo systemctl list-units --type=service | grep redis + - return: + type: info + message: "${response.out}" + redis_disable: + - cmd[cp]: + commands: + - sudo systemctl stop redis + - return: + type: info + message: "Redis has been stopped successfully" + redis_enable: + - cmd[cp]: + commands: + - sudo systemctl restart redis + - return: + type: info + message: "Redis has been successfully restarted" + redis_clear_keys: + - cmd[cp]: + commands: + - redis-cli -s /var/run/redis/redis.sock FLUSHALL + - return: + type: info + message: "${response.out}" + db_import_preparation: + - cmd[cp]: + user: root + commands: + - if [ ! -f /home/litespeed/mbmanager/dbPreparation.sh ]; then + echo "dbPreparation.sh not found. Downloading the script..."; + mkdir -p /home/litespeed/mbmanager; + curl -o /home/litespeed/mbmanager/dbPreparation.sh https://deploy-proxy.mightybox.io/tony/mb-admin/raw/branch/main/scripts/dbPreparation.sh; + chmod +x /home/litespeed/mbmanager/dbPreparation.sh; + else + echo "dbPreparation.sh already exists. Running the script..."; + fi; + - /home/litespeed/mbmanager/dbPreparation.sh + - return: + type: info + message: "${response.out}" + issue_ssl_cert: + - cmd[cp]: + user: root + commands: + - bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --public-ip="${settings.public_ip}" --domain="${settings.domain}" --email="${settings.email}" + - return: + type: info + message: "SSL certificate for '${settings.domain}' has been issued successfully." + check_domain_ip: + - cmd[cp]: + user: root + commands: + - bash /home/litespeed/mbmanager/ssl-manager/ipchecker.sh -d "${settings.domain}" -i "${settings.public_ip}" + - return: + type: info + message: "${response.out}" + remove_ssl_cert: + - cmd[cp]: + user: root + commands: + - > + if [[ "${settings.confirm}" == "true" ]]; then + bash /home/litespeed/mbmanager/ssl-manager/ssl_manager.sh --domain="${settings.domain}" --remove-cert=yes --confirm=yes + else + echo "Confirmation checkbox must be checked to proceed with certificate removal." + exit 1 + fi + - return: + type: info + message: "${response.out}" + +responses: + enableSuccess: + type: success + message: "OPCache enabled successfully." + disableSuccess: + type: success + message: "OPCache disabled successfully." + clearSuccess: + type: success + message: "OPCache cleared successfully." + +buttons: + - settings: opcacheConfig + action: opcache_update_settings + caption: Update OPCache Settings + submitButtonText: Update OpCache + - settings: litespeedTTL + action: litespeed_set_ttlpub + caption: Change TTL for cache-ttl_pub in seconds + submitButtonText: Update TTL + - settings: cacheExcConfig + action: update_cache_exc + caption: Update Cache Exclusion Paths + submitButtonText: Update Paths + - settings: litespeedConfig + action: litespeed_update_settings + caption: Update LiteSpeed Cache Settings + submitButtonText: Update Cache Settings + +onUninstall: + - cmd[cp]: + user: root + commands: + # Remove all installed scripts + - rm -rf /home/litespeed/mbmanager/ssl-manager/* + - rm -rf /home/litespeed/mbmanager/relay/* + - rm -rf /home/litespeed/mbmanager/* + # Remove the parent directory if empty + - rmdir --ignore-fail-on-non-empty /home/litespeed/mbmanager || true + # Uninstall Certbot if no longer needed - if command -v certbot > /dev/null; then dnf remove -y certbot python3-certbot-dns-cloudflare; fi \ No newline at end of file diff --git a/scripts/ssl-manager/ssl_manager.sh b/scripts/ssl-manager/ssl_manager.sh index 9c46709..833e1c9 100644 --- a/scripts/ssl-manager/ssl_manager.sh +++ b/scripts/ssl-manager/ssl_manager.sh @@ -716,6 +716,198 @@ restart_litespeed() { return 0 } +# Function to remove SSL certificate and its configuration +remove_ssl_certificate() { + local domain="$1" + local confirm="${2:-no}" + + if [[ -z "$domain" ]]; then + log "Error: Domain parameter is required for certificate removal." + return 1 + fi + + # Check if certificate exists + if [[ ! -d "/etc/letsencrypt/live/$domain" && ! -d "/etc/letsencrypt/archive/$domain" ]]; then + log "Certificate for $domain not found. Nothing to remove." + return 1 + fi + + # Confirm removal if not forced + if [[ "$confirm" != "yes" ]]; then + log "WARNING: This will remove the SSL certificate for $domain and update LiteSpeed configuration." + log "Please run again with --confirm=yes to proceed with removal." + return 1 + fi + + log "Starting removal of SSL certificate for $domain..." + + # 1. Backup LiteSpeed configuration before making changes + local config_file="/var/www/conf/httpd_config.xml" + local vhost_config="/var/www/conf/vhconf.xml" + local timestamp=$(date +%Y%m%d%H%M%S) + local backup_file="${config_file}.removal.${timestamp}" + local vhost_backup="${vhost_config}.removal.${timestamp}" + + cp "$config_file" "$backup_file" + log "Created backup of LiteSpeed configuration at $backup_file" + + if [ -f "$vhost_config" ]; then + cp "$vhost_config" "$vhost_backup" + log "Created backup of virtual host configuration at $vhost_backup" + fi + + # 2. Remove domain-specific listener from LiteSpeed configuration + log "Removing domain-specific listener from LiteSpeed configuration..." + local temp_file=$(mktemp) + if [ ! -f "$temp_file" ]; then + log "ERROR: Failed to create temporary file for configuration update." + return 1 + fi + + # Remove the HTTPS-domain listener section + awk -v domain="$domain" ' + BEGIN { skip = 0; } + /HTTPS-'"$domain"'<\/name>/,/<\/listener>/ { + if ($0 ~ /HTTPS-'"$domain"'<\/name>/) { + skip = 1; + print ""; + } + if ($0 ~ /<\/listener>/ && skip == 1) { + skip = 0; + next; + } + if (skip) next; + } + { if (!skip) print; } + ' "$config_file" > "$temp_file" + + # 3. Remove from domain-specific virtual host if it exists + log "Removing domain-specific virtual host if it exists..." + local vhost_name="${domain//[.]/_}" + + awk -v vhost="$vhost_name" ' + BEGIN { skip = 0; } + /'"$vhost"'<\/name>/,/<\/virtualHost>/ { + if ($0 ~ /'"$vhost"'<\/name>/) { + skip = 1; + print ""; + } + if ($0 ~ /<\/virtualHost>/ && skip == 1) { + skip = 0; + next; + } + if (skip) next; + } + { if (!skip) print; } + ' "$temp_file" > "${temp_file}.new" + + # 4. Remove any domain mappings from shared listeners + log "Removing domain mappings from shared listeners..." + awk -v domain="$domain" ' + BEGIN { in_vhostmap = 0; skip_vhostmap = 0; vhostmap_buffer = ""; } + // { + in_vhostmap = 1; + vhostmap_buffer = $0 "\n"; + next; + } + in_vhostmap == 1 { + vhostmap_buffer = vhostmap_buffer $0 "\n"; + if ($0 ~ /'"$domain"'<\/domain>/) { + skip_vhostmap = 1; + } + if ($0 ~ /<\/vhostMap>/) { + if (skip_vhostmap == 0) { + printf "%s", vhostmap_buffer; + } else { + print ""; + } + in_vhostmap = 0; + skip_vhostmap = 0; + vhostmap_buffer = ""; + } + next; + } + { print; } + ' "${temp_file}.new" > "${temp_file}.final" + + # Verify the processed file is valid + if [ ! -s "${temp_file}.final" ]; then + log "ERROR: Generated configuration is empty. Keeping original configuration." + rm -f "$temp_file" "${temp_file}.new" "${temp_file}.final" + return 1 + fi + + # Check for basic XML validity (main structure tags) + if ! grep -q "" "${temp_file}.final" || ! grep -q "" "${temp_file}.final"; then + log "ERROR: Generated configuration appears invalid. Keeping original configuration." + rm -f "$temp_file" "${temp_file}.new" "${temp_file}.final" + return 1 + fi + + # Apply changes + cp "${temp_file}.final" "$config_file" + rm -f "$temp_file" "${temp_file}.new" "${temp_file}.final" + + # 5. Clean up any references in vhconf.xml files + log "Cleaning up references in vhost configuration files..." + find /var/www/conf -name "vhconf.xml" -type f -exec grep -l "$domain" {} \; | while read vhconf_file; do + log "Cleaning references in $vhconf_file..." + sed -i "/$domain/d" "$vhconf_file" + done + + # 6. Use certbot to revoke and delete the certificate + log "Revoking and removing certificate using Certbot..." + if certbot revoke --cert-name "$domain" --delete-after-revoke --non-interactive; then + log "Certificate for $domain successfully revoked and removed." + else + # If certbot revoke fails, try direct removal + log "Certbot revoke failed. Attempting direct removal of certificate files..." + rm -rf "/etc/letsencrypt/live/$domain" "/etc/letsencrypt/archive/$domain" "/etc/letsencrypt/renewal/$domain.conf" + + # Remove any symlinks that might point to the domain + find /etc/letsencrypt -type l -exec ls -l {} \; | grep "$domain" | cut -d " " -f 9 | xargs -r rm + + log "Certificate files for $domain removed directly." + fi + + # 7. Clean up Apache configuration if exists (some servers might have Apache installed) + if [ -d "/etc/apache2" ]; then + log "Checking for Apache configuration references..." + find /etc/apache2 -name "*.conf" -type f -exec grep -l "$domain" {} \; | while read apache_conf; do + log "Cleaning references in $apache_conf..." + sed -i "/$domain/d" "$apache_conf" + done + elif [ -d "/etc/httpd" ]; then + log "Checking for Apache configuration references..." + find /etc/httpd -name "*.conf" -type f -exec grep -l "$domain" {} \; | while read apache_conf; do + log "Cleaning references in $apache_conf..." + sed -i "/$domain/d" "$apache_conf" + done + fi + + # 8. Clean up LiteSpeed logs for this domain + log "Cleaning up log files for $domain..." + find /var/log/lsws/ -name "*$domain*" -type f -delete + + # 9. Clean related cache files + log "Cleaning related cache files..." + find /var/www/webroot/ROOT/.well-known/acme-challenge/ -type f -delete 2>/dev/null + + # 10. Restart LiteSpeed to apply configuration changes + if restart_litespeed; then + log "LiteSpeed restarted successfully after certificate removal." + else + log "ERROR: Failed to restart LiteSpeed after certificate removal." + return 1 + fi + + # 11. Send email notification if configured + send_email "$domain SSL Certificate Removed" "The SSL certificate for $domain has been successfully removed from the server and all related configuration has been cleaned up." + + log "SSL certificate removal completed successfully for $domain." + return 0 +} + # Parse input parameters for arg in "$@"; do case $arg in