Merge pull request #285 from andreapollastri/3.x

Client Built + Nginx Fix + Optional GO branch

app/Console/Commands/CipiUpdate.php

@@ -41,16 +41,29 @@ class CipiUpdate extends Command
     public function handle()
     {
 
-        //2021-04-28 - Fix Client Server Versions
-        $servers = Server::where('build', '<>', '202104281')->get();
+        //2021-12-09 - PHP 8.1 to client
+        $servers = Server::where('build', '<>','202112091')->get();
 
         foreach ($servers as $server) {
-            $server->build = '202104281';
+
+            $ssh = new SSH2($this->server->ip, 22);
+            $ssh->login('cipi', $this->server->password);
+            $ssh->setTimeout(360);
+            $ssh->exec('echo '.$this->server->password.' | sudo -S sudo unlink newsite');
+            $ssh->exec('echo '.$this->server->password.' | sudo -S sudo wget '.config('app.url').'/sh/client-patch/php81');
+            $ssh->exec('echo '.$this->server->password.' | sudo -S sudo dos2unix php81');
+            $ssh->exec('echo '.$this->server->password.' | sudo -S sudo bash php81');
+            $ssh->exec('echo '.$this->server->password.' | sudo -S sudo unlink php81');
+            $ssh->exec('exit');
+
+
+
+            $server->build = '202112091';
             $server->save();
         }
-        
+
         $server = Server::where('default', 1)->first();
-        
+
         $ssh = new SSH2($server->ip, 22);
         $ssh->login('cipi', $server->password);
         $ssh->setTimeout(360);

app/Http/Controllers/ShellController.php

@@ -43,7 +43,7 @@ class ShellController extends Controller
         $script = str_replace('???REPO???', $site->repository, $script);
         $script = str_replace('???BRANCH???', $site->branch, $script);
         $script = str_replace('???SCRIPT???', $site->deploy, $script);
-        
+
         return response($script)
                 ->withHeaders(['Content-Type' =>'application/x-sh']);
     }
@@ -71,7 +71,7 @@ class ShellController extends Controller
         return response($script)
                 ->withHeaders(['Content-Type' =>'application/x-sh']);
     }
-    
+
 
     /**
      * Delete Site script
@@ -97,4 +97,17 @@ class ShellController extends Controller
         return response($script)
                 ->withHeaders(['Content-Type' =>'application/x-sh']);
     }
+
+
+    /**
+     * Client Patch - 202112091
+     *
+    */
+    public function patch202112091()
+    {
+        $script = Storage::get('cipi/patch202112091.sh');
+
+        return response($script)
+                ->withHeaders(['Content-Type' =>'application/x-sh']);
+    }
 }

app/Jobs/SslSiteSSH.php

@@ -37,15 +37,19 @@ class SslSiteSSH implements ShouldQueue
         $ssh->login('cipi', $this->site->server->password);
         $ssh->setTimeout(360);
         $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
+        $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo ufw disable');
         $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo certbot --nginx -d '.$this->site->domain.' --non-interactive --agree-tos --register-unsafely-without-email');
         $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
         $ssh->exec("echo ".$this->site->server->password." | sudo -S sudo sed -i 's/443 ssl/443 ssl http2/g' /etc/nginx/sites-enabled/".$this->site->username.".conf");
+        $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo ufw --force enable');
         $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
         foreach ($this->site->aliases as $alias) {
             $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
+            $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo ufw disable');
             $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo certbot --nginx -d '.$alias->domain.' --non-interactive --agree-tos --register-unsafely-without-email');
             $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
             $ssh->exec("echo ".$this->site->server->password." | sudo -S sudo sed -i 's/443 ssl/443 ssl http2/g' /etc/nginx/sites-enabled/".$alias->domain.".conf");
+            $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo ufw --force enable');
             $ssh->exec('echo '.$this->site->server->password.' | sudo -S sudo systemctl restart nginx.service');
         }
         $ssh->exec('exit');

go.sh

@@ -1,16 +1,17 @@
 #!/bin/bash
 
-
-
 #################################################### CONFIGURATION ###
-BUILD=202104281
+BUILD=202112091
 PASS=$(openssl rand -base64 32|sha256sum|base64|head -c 32| tr '[:upper:]' '[:lower:]')
 DBPASS=$(openssl rand -base64 24|sha256sum|base64|head -c 32| tr '[:upper:]' '[:lower:]')
 SERVERID=$(openssl rand -base64 12|sha256sum|base64|head -c 32| tr '[:upper:]' '[:lower:]')
 IP=$(curl -s https://checkip.amazonaws.com)
 REPO=andreapollastri/cipi
-BRANCH=latest
-
+if [ -z "$1" ];
+    BRANCH=latest
+then
+    BRANCH=$1
+fi
 
 
 ####################################################   CLI TOOLS   ###
@@ -544,7 +545,8 @@ echo "Let's Encrypt setup..."
 echo "${reset}"
 sleep 1s
 
-sudo snap install --beta --classic certbot
+sudo apt-get install -y certbot
+sudo apt-get install -y python3-certbot-nginx
 
 
 
@@ -643,6 +645,9 @@ echo "Last steps..."
 echo "${reset}"
 sleep 1s
 
+sudo echo 'StartLimitBurst=0' >> /usr/lib/systemd/system/user@.service
+sudo systemctl daemon-reload
+
 TASK=/etc/cron.d/cipi.crontab
 touch $TASK
 cat > "$TASK" <<EOF

routes/sh.php

@@ -9,3 +9,6 @@ Route::get('/servers/rootreset', [ShellController::class, 'serversrootreset']);
 Route::get('/newsite', [ShellController::class, 'newsite']);
 Route::get('/delsite', [ShellController::class, 'delsite']);
 Route::get('/sitepass', [ShellController::class, 'sitepass']);
+
+// Client Patch
+Route::get('/sh/client-patch/php81', [ShellController::class, 'php81']);

storage/app/cipi/cron.conf

@@ -6,6 +6,4 @@
 * * * * * cd /var/www/html && php artisan schedule:run >> /dev/null 2>&1
 5 2 * * * cd /var/www/html/utility/cipi-update && sh run.sh >> /dev/null 2>&1
 ??? 
- 
-  
  

storage/app/cipi/patch202112091.sh

@@ -0,0 +1,42 @@
+# NGINX RELOAD FIX
+sudo echo 'StartLimitBurst=0' >> /usr/lib/systemd/system/user@.service
+sudo systemctl daemon-reload
+
+# PHP 8.1
+sudo apt-get -y install php8.1-fpm
+sudo apt-get -y install php8.1-common
+sudo apt-get -y install php8.1-curl
+sudo apt-get -y install php8.1-openssl
+sudo apt-get -y install php8.1-bcmath
+sudo apt-get -y install php8.1-mbstring
+sudo apt-get -y install php8.1-tokenizer
+sudo apt-get -y install php8.1-mysql
+sudo apt-get -y install php8.1-sqlite3
+sudo apt-get -y install php8.1-pgsql
+sudo apt-get -y install php8.1-redis
+sudo apt-get -y install php8.1-memcached
+sudo apt-get -y install php8.1-json
+sudo apt-get -y install php8.1-zip
+sudo apt-get -y install php8.1-xml
+sudo apt-get -y install php8.1-soap
+sudo apt-get -y install php8.1-gd
+sudo apt-get -y install php8.1-imagick
+sudo apt-get -y install php8.1-fileinfo
+sudo apt-get -y install php8.1-imap
+sudo apt-get -y install php8.1-cli
+PHPINI=/etc/php/8.1/fpm/conf.d/cipi.ini
+sudo touch $PHPINI
+sudo cat > "$PHPINI" <<EOF
+memory_limit = 256M
+upload_max_filesize = 256M
+post_max_size = 256M
+max_execution_time = 180
+max_input_time = 180
+EOF
+sudo service php8.1-fpm restart
+sudo apt-get -y install php-dev php-pear
+sudo apt-get -y install php-dev php-pear
+
+# NODE 16
+sudo curl -sL https://deb.nodesource.com/setup_16.x | sudo bash
+sudo apt-get -y install --only-upgrade nodejs

storage/app/cipi/setup.sh

@@ -3,7 +3,7 @@
 
 
 #################################################### CONFIGURATION ###
-BUILD=202104281
+BUILD=202112091
 PASS=???
 DBPASS=???
 SERVERID=???
@@ -547,7 +547,8 @@ echo "Let's Encrypt setup..."
 echo "${reset}"
 sleep 1s
 
-sudo snap install --beta --classic certbot
+sudo apt-get install -y certbot
+sudo apt-get install -y python3-certbot-nginx
 
 
 
@@ -581,6 +582,9 @@ echo "Last steps..."
 echo "${reset}"
 sleep 1s
 
+sudo echo 'StartLimitBurst=0' >> /usr/lib/systemd/system/user@.service
+sudo systemctl daemon-reload
+
 TASK=/etc/cron.d/cipi.crontab
 touch $TASK
 cat > "$TASK" <<EOF