Commit 34e182e3 authored by mh's avatar mh
Browse files

add a script to automatically update wordpress installations - enable it by...

add a script to automatically update wordpress installations - enable it by default (for new hostings)
parent 5e724fcc
#!/bin/env ruby
require 'yaml'
require 'fileutils'
require 'etc'
require 'socket'
def log(str)
puts "[#{Time.now.strftime('%d.%m.%Y %H:%M:%S')}] (#{$$}) #{str}"
end
def error_log(str)
STDERR.puts "[#{Time.now.strftime('%d.%m.%Y %H:%M:%S')}] (#{$$}) ERROR: #{str}"
end
def security_fail(str)
log str
exit 1
end
def sudo(uid,gid,&blk)
# fork off shell command to irrevocably drop all root privileges
pid = fork do
Process::Sys.setregid(gid,gid)
security_fail('could not drop privileges') unless Process::Sys.getgid == gid
security_fail('could not drop privileges') unless Process::Sys.getegid == gid
Process::Sys.setreuid(uid,uid)
security_fail('could not drop privileges') unless Process::Sys.getuid == uid
security_fail('could not drop privileges') unless Process::Sys.geteuid == uid
yield blk
end
Process.wait pid
end
def inform_about_error(sender, receiver, hosting, exit_code, log_msg, uid, gid)
sudo(uid, gid) do
text = <<EOF
Hi admins of #{hosting}
We tried to automatically update your wordpress instance. Unfortunately it failed.
Sorry for the inconvenience, but this requires *your* attention.
You might wanna have a look at your hosting and fix any present issues.
A backup of your wordpess is available in your private/ folder of your hosting.
If you are unable to fix the issue yourself or have any questions, please contact your admins.
Best regards
your friendly (but failing) wordpress updating automation
Technical details of the failure:
Exitcode: #{exit_code}
#{log_msg}
EOF
require 'mail'
mail = Mail.new do
from sender
to receiver
subject "Hosting #{hosting} - Automatic Wordpress Update failed"
body text
end
mail.delivery_method :sendmail
mail.deliver
end
end
sender = ARGV.shift || "root@#{Socket.gethostname}"
Dir['/var/www/vhosts/*/scripts/update_wordpress/update_wordpress.dirs'].each do |f|
vhost_options = YAML.load_file(f)
dir = File.dirname(f)
hosting = File.basename(File.dirname(File.dirname(dir)))
if vhost_options['auto_update']
vhost_options = YAML.load_file(File.join(File.dirname(dir),'vhost.options'))
log "Running wordpress auto_update for #{hosting}"
if File.exists?(File.join(dir,'update_wordpress.lock'))
error_log "update_wordpress.lock already exists for #{hosting} skipping"
else
run_file = File.join(dir,'update_wordpress.auto_run')
uid = Etc.getpwnam(vhost_options['sftp_user']).uid
gid = Etc.getgrnam(vhost_options['group']).gid
sudo(uid, gid) do
FileUtils.touch run_file
end
result = `/opt/webhosting_user_scripts/update_wordpress/update_wordpress.rb #{run_file} 2>&1`
exit_code = $?.to_i
if exit_code > 0
error_log "Error while running update for #{hosting} - Exitcode: #{exit_code} - #{result}"
inform_about_error(sender, vhost_options['hosting_contact'], hosting, exit_code, result, uid, gid)
end
end
else
log "NO wordpress auto_update for #{hosting}"
end
end
# the basics for the user_scripts
class webhosting::user_scripts(
$default_contact_domain = false,
$notifications_sender = "root@${facts['fqdn']}",
) {
require ::incron
......@@ -41,6 +42,21 @@ class webhosting::user_scripts(
}
}
selinux::fcontext{
'/var/www/vhosts/[^/]*/scripts/[^/]*/[^/]*\.log':
before => File['/opt/webhosting_user_scripts/common/run_incron.sh'],
setype => 'httpd_log_t';
} -> logrotate::rule{
'webhosting-scripts':
path => '/var/www/vhosts/*/scripts/*/*.log',
rotate => 7,
compress => true,
copytruncate => true,
dateext => true,
missingok => true,
}
# script dependencies
# update mode script
include ::acl::requirements
......@@ -48,10 +64,24 @@ class webhosting::user_scripts(
# wordpress updates
require ::wordpress::base
require ::tmpwatch
require ::rubygems::mail
logrotate::rule{
'webhosting-scripts':
path => '/var/www/vhosts/*/scripts/*/*.log',
file{
'/usr/local/sbin/auto_update_wordess':
source => 'puppet:///modules/webhosting/update_scripts/auto_update_wordess.rb',
require => File['/opt/webhosting_user_scripts/update_wordpress/update_wordpress.rb'],
owner => root,
group => 0,
mode => '0500';
} -> file{
'/etc/cron.daily/auto_update_wordess':
content => "#!/bin/bash\n/usr/local/sbin/auto_update_wordess ${notifications_sender}> /var/log/auto_update_wordess.log\n",
owner => root,
group => 0,
mode => '0500';
} -> logrotate::rule{
'auto-update-wordpress':
path => '/var/log/auto_update_wordess.log',
rotate => 7,
compress => true,
copytruncate => true,
......
......@@ -8,10 +8,17 @@
# NOTE: this must be a relative path to your www/
# directory!
# In most of the times you don't need to adjust
# the only allowed option `wp_directories`.
# the option `wp_directories`.
#
# wp_directories must be an array and it can point
# to multiple wordpress installations within your
# webhosting.
#
# An additional option is called `auto_update` and
# is set to true by default. Removing that option
# or setting it to false disables the automatic
# updates that run the update_wordpress script
# on a daily basis.
---
auto_update: true
wp_directories: ['.']
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment