#!/bin/bash #################################################################################################### #### author: SlickStack ############################################################################ #### link: https://slickstack.io ################################################################### #### mirror: https://mirrors.slickstack.io/bash/ss-worker.txt ###################################### #### path: /var/www/ss-worker ###################################################################### #### destination: n/a (not a boilerplate) ########################################################## #### purpose: Performs SlickStack maintenance tasks and retrieves the latest ss-check file ######### #### module version: Ubuntu 20.04 LTS ############################################################## #### sourced by: ss core cron jobs, ss-install, ss-update, ss update ############################### #### bash aliases: ss worker ####################################################################### #################################################################################################### ## source ss-config ## source /var/www/ss-config ## source ss-functions ## source /var/www/ss-functions ## BELOW THIS RELIES ON SS-CONFIG AND SS-FUNCTIONS #################################################################################################### #### TABLE OF CONTENTS ############################################################################# #################################################################################################### ## A. Touch Timestamp File ## B. Message (Begin Script) ## C. Cleanup Temporary Files ## D. Backup Current SS-Config File ## E. Retrieve Latest SS-Check (Bash Script) ## E. Reset SlickStack Core Permissions ## H. Install Ubuntu Swapfile (If Not Exists) #################################################################################################### #### A. SS-Worker: Touch Timestamp File ############################################################ #################################################################################################### ## this is a dummy timestamp file that will remember the last time this script was run ## ## it can be useful for developer reference and is sometimes used by SlickStack ## ## script timestamp ## touch "$TIMESTAMP_SS_WORKER" #################################################################################################### #### B. SS-Worker: Message (Begin Script) ########################################################## #################################################################################################### ## this is a simple message that announces to the shell the purpose of this bash script ## ## it will only be noticed by sudo users who manually call ss core bash scripts ## ## echo message ## echo -e "${PURPLE}Running ss-worker: Performs SlickStack maintenance tasks and retrieves the latest ss-check file... ${NOCOLOR}" sleep "$SLEEP_MESSAGE_BEGIN" #################################################################################################### #### C. SS-Worker: Cleanup Temporary Files ######################################################### #################################################################################################### ## we briefly cleanup any leftover temporarily files that are relevant to this script ## ## this is performed before and after associated code runs to avoid conflicts ## ## delete tmp files ## rm /tmp/ss* rm /tmp/*cron* rm /tmp/blacklist* rm /tmp/maintenance.html* #################################################################################################### #### D. SS-Worker: Backup Current SS-Config File ################################################### #################################################################################################### ## SNIPPET: ss-update-config, ss-worker ## UPDATED: 11SEP2021 ## this will replicate your current ss-config file (and settings) to the backups dir ## ## the older .bak files will be cleaned up periodically by ss-clean-files ## ## backup ss-config ## CURRENT_TIME=$(date "+%Y.%b.%d-%H:%M:%S") cp /var/www/ss-config /var/www/backups/config/ss-config.bak.$CURRENT_TIME #################################################################################################### #### E. SS-Worker: Retrieve Latest SS-Check (Bash Script) ########################################## #################################################################################################### ## here we retrieve the latest ss-check core bash script to improve overall redundancy ## ## thus ss-check avoids installing itself and no single point of failure (SPOF) ## ## retrieve latest ss-check ## wget -O "$TMP_SS_CHECK" "$MIRROR_SS_CHECK" ## install ss-check ## cp "$TMP_SS_CHECK" "$PATH_SS_CHECK" #################################################################################################### #### SS-Worker: Validate Current WP-Config.php ################################################## #################################################################################################### ## this snippet will check to ensure wp-config.php exists and contains SS_EOF string ## ## if not found then it will call script to reinstall the wp-config.php file ## ## ensure wp-config.php intact (production) ## # if [[ -z "$VALIDATE_WP_CONFIG_PHP" ]]; then # source /var/www/ss-install-wordpress-config # fi #################################################################################################### #### SS-Worker: Retrieve Latest Custom Cron Job Boilerplates (If Not Exist) ######################## #################################################################################################### ## this will retrieve and install boilerplates for custom cron jobs if none are found ## ## you can then edit these files as needed and they will not be overwritten ## if [[ ! -f "/var/www/crons/custom/01-cron-often-custom" ]]; then wget -O /tmp/01-cron-often-custom "$MIRROR_01_CRON_OFTEN_CUSTOM" cp -n /tmp/01-cron-often-custom /var/www/crons/custom/01-cron-often-custom fi if [[ ! -f "/var/www/crons/custom/02-cron-regular-custom" ]]; then wget -O /tmp/02-cron-regular-custom "$MIRROR_02_CRON_REGULAR_CUSTOM" cp -n /tmp/02-cron-regular-custom /var/www/crons/custom/02-cron-regular-custom fi if [[ ! -f "/var/www/crons/custom/03-cron-quarter-hourly-custom" ]]; then wget -O /tmp/03-cron-quarter-hourly-custom "$MIRROR_03_CRON_QUARTER_HOURLY_CUSTOM" cp -n /tmp/03-cron-quarter-hourly-custom /var/www/crons/custom/03-cron-quarter-hourly-custom fi if [[ ! -f "/var/www/crons/custom/04-cron-half-hourly-custom" ]]; then wget -O /tmp/04-cron-half-hourly-custom "$MIRROR_04_CRON_HALF_HOURLY_CUSTOM" cp -n /tmp/04-cron-half-hourly-custom /var/www/crons/custom/04-cron-half-hourly-custom fi if [[ ! -f "/var/www/crons/custom/05-cron-hourly-custom" ]]; then wget -O /tmp/05-cron-hourly-custom "$MIRROR_05_CRON_HOURLY_CUSTOM" cp -n /tmp/05-cron-hourly-custom /var/www/crons/custom/05-cron-hourly-custom fi if [[ ! -f "/var/www/crons/custom/06-cron-quarter-daily-custom" ]]; then wget -O /tmp/06-cron-quarter-daily-custom "$MIRROR_06_CRON_QUARTER_DAILY_CUSTOM" cp -n /tmp/06-cron-quarter-daily-custom /var/www/crons/custom/06-cron-quarter-daily-custom fi if [[ ! -f "/var/www/crons/custom/07-cron-half-daily-custom" ]]; then wget -O /tmp/07-cron-half-daily-custom "$MIRROR_07_CRON_HALF_DAILY_CUSTOM" cp -n /tmp/07-cron-half-daily-custom /var/www/crons/custom/07-cron-half-daily-custom fi if [[ ! -f "/var/www/crons/custom/08-cron-daily-custom" ]]; then wget -O /tmp/08-cron-daily-custom "$MIRROR_08_CRON_DAILY_CUSTOM" cp -n /tmp/08-cron-daily-custom /var/www/crons/custom/08-cron-daily-custom fi if [[ ! -f "/var/www/crons/custom/09-cron-half-weekly-custom" ]]; then wget -O /tmp/09-cron-half-weekly-custom "$MIRROR_09_CRON_HALF_WEEKLY_CUSTOM" cp -n /tmp/09-cron-half-weekly-custom /var/www/crons/custom/09-cron-half-weekly-custom fi if [[ ! -f "/var/www/crons/custom/10-cron-weekly-custom" ]]; then wget -O /tmp/10-cron-weekly-custom "$MIRROR_10_CRON_WEEKLY_CUSTOM" cp -n /tmp/10-cron-weekly-custom /var/www/crons/custom/10-cron-weekly-custom fi if [[ ! -f "/var/www/crons/custom/11-cron-half-monthly-custom" ]]; then wget -O /tmp/11-cron-half-monthly-custom "$MIRROR_11_CRON_HALF_MONTHLY_CUSTOM" cp -n /tmp/11-cron-half-monthly-custom /var/www/crons/custom/11-cron-half-monthly-custom fi if [[ ! -f "/var/www/crons/custom/12-cron-monthly-custom" ]]; then wget -O /tmp/12-cron-monthly-custom "$MIRROR_12_CRON_MONTHLY_CUSTOM" cp -n /tmp/12-cron-monthly-custom /var/www/crons/custom/12-cron-monthly-custom fi if [[ ! -f "/var/www/crons/custom/13-cron-sometimes-custom" ]]; then wget -O /tmp/13-cron-sometimes-custom "$MIRROR_13_CRON_SOMETIMES_CUSTOM" cp -n /tmp/13-cron-sometimes-custom /var/www/crons/custom/13-cron-sometimes-custom fi #################################################################################################### #### SS-Worker: Install Pilot File Variables ####################################################### #################################################################################################### ## retrieve pilot file if defined ## if [[ -n "$SS_PILOT_FILE" ]]; then rm /tmp/ss-pilot wget -O /tmp/ss-pilot "$SS_PILOT_FILE" PILOT_WHITELABEL_BRAND=$(source /tmp/ss-pilot; echo $WHITELABEL_BRAND) PILOT_WHITELABEL_HOMEPAGE=$(source /tmp/ss-pilot; echo $WHITELABEL_HOMEPAGE) ## replace ss-config variables with pilot variables if exist ## if [[ -n "$PILOT_WHITELABEL_BRAND" ]]; then sed -i "s|\(^WHITELABEL_BRAND=\).*|WHITELABEL_BRAND=\"$PILOT_WHITELABEL_BRAND\"|g" /var/www/ss-config fi if [[ -n "$PILOT_WHITELABEL_HOMEPAGE" ]]; then sed -i "s|\(^WHITELABEL_HOMEPAGE=\).*|WHITELABEL_HOMEPAGE=\"$PILOT_WHITELABEL_HOMEPAGE\"|g" /var/www/ss-config fi rm /tmp/ss-pilot fi #################################################################################################### #### SS-Worker: Install Latest SS-Constants.php Boilerplate ######################################## #################################################################################################### ## SNIPPET: ss-install-wordpress-config, ss-worker ## here we use some janky magic to convert various system settings into PHP constants ## ## this allows us to use these handy PHP constants inside PHP scripts etc ## ## retrieve latest ss-constants.php boilerplate ## wget -O "$TMP_SS_CONSTANTS_PHP" "$MIRROR_SS_CONSTANTS_PHP" VALIDATE_TMP_SS_CONSTANTS_PHP=$(grep 'SS_EOF' "$TMP_SS_CONSTANTS_PHP") if [[ -z "$VALIDATE_TMP_SS_CONSTANTS_PHP" ]]; then rm "$TMP_SS_CONSTANTS_PHP" wget -O "$TMP_SS_CONSTANTS_PHP" "$MIRROR2_SS_CONSTANTS_PHP" fi VALIDATE2_TMP_SS_CONSTANTS_PHP=$(grep 'SS_EOF' "$TMP_SS_CONSTANTS_PHP") if [[ -z "$VALIDATE2_TMP_SS_CONSTANTS_PHP" ]]; then rm "$TMP_SS_CONSTANTS_PHP" wget -O "$TMP_SS_CONSTANTS_PHP" "$MIRROR_SS_CONSTANTS_PHP" fi VALIDATE3_TMP_SS_CONSTANTS_PHP=$(grep 'SS_EOF' "$TMP_SS_CONSTANTS_PHP") if [[ -z "$VALIDATE3_TMP_SS_CONSTANTS_PHP" ]]; then rm "$TMP_SS_CONSTANTS_PHP" wget -O "$TMP_SS_CONSTANTS_PHP" "$MIRROR2_SS_CONSTANTS_PHP" fi ## set SlickStack dashboard ## if [[ -z "$SS_DASHBOARD" ]]; then sed -i "s/@SS_DASHBOARD/true/g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s/@SS_DASHBOARD/${SS_WORDPRESS_ADMIN_DASHBOARD}/g" "$TMP_SS_CONSTANTS_PHP" fi SYSTEM_SERVER_SOFTWARE=$(nginx -v |& sed 's#nginx version: nginx/##') SYSTEM_MYSQL_SIZE=$(du -sh /var/lib/mysql |& sed 's#/var/lib/mysql##') if [[ "${UBUNTU_VERSION}" == "18.04" ]]; then SYSTEM_MYSQL_VERSION=$(mysql --version |& awk '{print $5}' | sed 's/,//g') fi if [[ "${UBUNTU_VERSION}" == "20.04" ]]; then SYSTEM_MYSQL_VERSION=$(mysql --version |& awk '{print $3}' | sed 's/,//g') fi LAST_TIMESTAMP_00_CRONTAB=$(stat -c %x "$TIMESTAMP_SS_INSTALL_UBUNTU_CRONTAB") LAST_TIMESTAMP_01_CRON_OFTEN=$(stat -c %x "$TIMESTAMP_01_CRON_OFTEN") LAST_TIMESTAMP_02_CRON_REGULAR=$(stat -c %x "$TIMESTAMP_02_CRON_REGULAR") LAST_TIMESTAMP_03_CRON_QUARTER_HOURLY=$(stat -c %x "$TIMESTAMP_03_CRON_QUARTER_HOURLY") LAST_TIMESTAMP_04_CRON_HALF_HOURLY=$(stat -c %x "$TIMESTAMP_04_CRON_HALF_HOURLY") LAST_TIMESTAMP_05_CRON_HOURLY=$(stat -c %x "$TIMESTAMP_05_CRON_HOURLY") LAST_TIMESTAMP_06_CRON_QUARTER_DAILY=$(stat -c %x "$TIMESTAMP_06_CRON_QUARTER_DAILY") LAST_TIMESTAMP_07_CRON_HALF_DAILY=$(stat -c %x "$TIMESTAMP_07_CRON_HALF_DAILY") LAST_TIMESTAMP_08_CRON_DAILY=$(stat -c %x "$TIMESTAMP_08_CRON_DAILY") LAST_TIMESTAMP_09_CRON_HALF_WEEKLY=$(stat -c %x "$TIMESTAMP_09_CRON_HALF_WEEKLY") LAST_TIMESTAMP_10_CRON_WEEKLY=$(stat -c %x "$TIMESTAMP_10_CRON_WEEKLY") LAST_TIMESTAMP_11_CRON_HALF_MONTHLY=$(stat -c %x "$TIMESTAMP_11_CRON_HALF_MONTHLY") LAST_TIMESTAMP_12_CRON_MONTHLY=$(stat -c %x "$TIMESTAMP_12_CRON_MONTHLY") if [[ ! -f "$TIMESTAMP_13_CRON_SOMETIMES" ]]; then LAST_TIMESTAMP_13_CRON_SOMETIMES=$(stat -c %x "$TIMESTAMP_13_CRON_SOMETIMES") fi sed -i "s|@SS_BUILD|${SS_BUILD}|g" "$TMP_SS_CONSTANTS_PHP" ## potential name/replace conflict fix these later ## sed -i "s|@SS_WORDPRESS_PLUGIN_BLACKLIST_SOURCE|${SS_WORDPRESS_PLUGIN_BLACKLIST_SOURCE}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SS_WORDPRESS_PLUGIN_BLACKLIST|${SS_WORDPRESS_PLUGIN_BLACKLIST}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@WP_CRON_METHOD|${WP_CRON_METHOD}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@WP_CRON_INTERVAL|${WP_CRON_INTERVAL}|g" "$TMP_SS_CONSTANTS_PHP" if [[ -n "$LAST_TIMESTAMP_00_CRONTAB" ]]; then sed -i "s|@LAST_TIMESTAMP_00_CRONTAB|${LAST_TIMESTAMP_00_CRONTAB}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_00_CRONTAB|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_01_CRON_OFTEN" ]]; then sed -i "s|@LAST_TIMESTAMP_01_CRON_OFTEN|${LAST_TIMESTAMP_01_CRON_OFTEN}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_01_CRON_OFTEN|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_02_CRON_REGULAR" ]]; then sed -i "s|@LAST_TIMESTAMP_02_CRON_REGULAR|${LAST_TIMESTAMP_02_CRON_REGULAR}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_02_CRON_REGULAR|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_03_CRON_QUARTER_HOURLY" ]]; then sed -i "s|@LAST_TIMESTAMP_03_CRON_QUARTER_HOURLY|${LAST_TIMESTAMP_03_CRON_QUARTER_HOURLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_03_CRON_QUARTER_HOURLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_04_CRON_HALF_HOURLY" ]]; then sed -i "s|@LAST_TIMESTAMP_04_CRON_HALF_HOURLY|${LAST_TIMESTAMP_04_CRON_HALF_HOURLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_04_CRON_HALF_HOURLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_05_CRON_HOURLY" ]]; then sed -i "s|@LAST_TIMESTAMP_05_CRON_HOURLY|${LAST_TIMESTAMP_05_CRON_HOURLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_05_CRON_HOURLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_06_CRON_QUARTER_DAILY" ]]; then sed -i "s|@LAST_TIMESTAMP_06_CRON_QUARTER_DAILY|${LAST_TIMESTAMP_06_CRON_QUARTER_DAILY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_06_CRON_QUARTER_DAILY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_07_CRON_HALF_DAILY" ]]; then sed -i "s|@LAST_TIMESTAMP_07_CRON_HALF_DAILY|${LAST_TIMESTAMP_07_CRON_HALF_DAILY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_07_CRON_HALF_DAILY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_08_CRON_DAILY" ]]; then sed -i "s|@LAST_TIMESTAMP_08_CRON_DAILY|${LAST_TIMESTAMP_08_CRON_DAILY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_08_CRON_DAILY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_09_CRON_HALF_WEEKLY" ]]; then sed -i "s|@LAST_TIMESTAMP_09_CRON_HALF_WEEKLY|${LAST_TIMESTAMP_09_CRON_HALF_WEEKLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_09_CRON_HALF_WEEKLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_10_CRON_WEEKLY" ]]; then sed -i "s|@LAST_TIMESTAMP_10_CRON_WEEKLY|${LAST_TIMESTAMP_10_CRON_WEEKLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_10_CRON_WEEKLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_11_CRON_HALF_MONTHLY" ]]; then sed -i "s|@LAST_TIMESTAMP_11_CRON_HALF_MONTHLY|${LAST_TIMESTAMP_11_CRON_HALF_MONTHLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_11_CRON_HALF_MONTHLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_12_CRON_MONTHLY" ]]; then sed -i "s|@LAST_TIMESTAMP_12_CRON_MONTHLY|${LAST_TIMESTAMP_12_CRON_MONTHLY}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_12_CRON_MONTHLY|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi if [[ -n "$LAST_TIMESTAMP_13_CRON_SOMETIMES" ]]; then sed -i "s|@LAST_TIMESTAMP_13_CRON_SOMETIMES|${LAST_TIMESTAMP_13_CRON_SOMETIMES}|g" "$TMP_SS_CONSTANTS_PHP" else sed -i "s|@LAST_TIMESTAMP_13_CRON_SOMETIMES|UNKNOWN|g" "$TMP_SS_CONSTANTS_PHP" fi sed -i "s|@SYSTEM_VENDOR|${SYSTEM_VENDOR}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_VIRTUAL|${SYSTEM_VIRTUAL}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_LINUX_KERNEL|${SYSTEM_LINUX_KERNEL}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_CPU_CORES|${SYSTEM_CPU_CORES}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_OS_PRETTY_NAME|${SYSTEM_OS_PRETTY_NAME}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_MYSQL_VERSION|${SYSTEM_MYSQL_VERSION}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_MYSQL_SIZE|${SYSTEM_MYSQL_SIZE}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_DISK_FREE|${SYSTEM_DISK_FREE}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_DISK_TOTAL|${SYSTEM_DISK_TOTAL}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_IPV4_ADDRESS|${SYSTEM_IPV4_ADDRESS}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_IPV6_ADDRESS|${SYSTEM_IPV6_ADDRESS}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_HOSTNAME|${SYSTEM_HOSTNAME}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_SERVER_SOFTWARE|${SYSTEM_SERVER_SOFTWARE}|g" "$TMP_SS_CONSTANTS_PHP" SYSTEM_PHP_VERSION=$(php -v | awk '/^PHP/{print $2}' | awk -F '\\-*' '{print $1""}') SYSTEM_PHP_EXTENSIONS=$(php -m | paste -s -d , | sed -e 's/,/, /g' | awk -F 'zlib' '{print $1"zlib"}' | sed -e 's#\[PHP Modules\], ##g') sed -i "s|@SYSTEM_PHP_VERSION|${SYSTEM_PHP_VERSION}|g" "$TMP_SS_CONSTANTS_PHP" sed -i "s|@SYSTEM_PHP_EXTENSIONS|${SYSTEM_PHP_EXTENSIONS}|g" "$TMP_SS_CONSTANTS_PHP" VALIDATE_TMP_SS_CONSTANTS_PHP=$(grep 'SS_EOF' "$TMP_SS_CONSTANTS_PHP") if [[ -n "$VALIDATE_TMP_SS_CONSTANTS_PHP" ]]; then cp "$TMP_SS_CONSTANTS_PHP" "$PATH_SS_CONSTANTS_PHP" chown www-data:www-data "$PATH_SS_CONSTANTS_PHP" chmod 0440 "$PATH_SS_CONSTANTS_PHP" ## 0440 (read-only) fi #################################################################################################### #### SS-Worker: Reset Permissions (SlickStack Core) ################################################# #################################################################################################### ## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS ## ## SNIPPET: ss-check, ss-worker, ss core cron jobs ## we hardcode this permissions reset snippet into all ss core scripts for redundancy ## ## this ensures permissions are regularly fixed without requiring dependencies ## ## make directories ## mkdir /var/www mkdir /var/www/backups mkdir /var/www/backups/config mkdir /var/www/backups/html mkdir /var/www/backups/mysql mkdir /var/www/backups/mysql/data mkdir /var/www/cache mkdir /var/www/cache/nginx mkdir /var/www/cache/opcache mkdir /var/www/cache/system mkdir /var/www/certs mkdir /var/www/certs/keys mkdir /var/www/crons mkdir /var/www/crons/custom mkdir /var/www/html mkdir /var/www/html/.well-known mkdir /var/www/html/.well-known/acme-challenge mkdir /var/www/logs mkdir /var/www/meta mkdir /var/www/sites ## user/group ownership ## chown root:root /var/www ## must be root:root chown root:root /var/www/backups ## must be root:root chown root:root /var/www/backups/config ## must be root:root chown root:root /var/www/backups/mysql ## must be root:root chown root:root /var/www/backups/mysql/data ## must be root:root chown www-data:www-data /var/www/cache ## must be www-data:www-data chown www-data:www-data /var/www/cache/nginx ## must be www-data:www-data chown www-data:www-data /var/www/cache/opcache ## must be www-data:www-data chown root:root /var/www/cache/system ## must be root:root chown root:root /var/www/certs ## must be root:root chown root:root /var/www/certs/keys ## must be root:root chown root:root /var/www/crons ## must be root:root chown root:root /var/www/crons/*cron* ## must be root:root chown root:root /var/www/crons/custom ## must be root:root chown root:root /var/www/crons/custom/*cron* ## must be root:root chown -R "${SFTP_USER}":www-data /var/www/html/.well-known ## accessed by server for e.g. Cerbot but also by SFTP user for things like Stripe ## chown -R "${SFTP_USER}":www-data /var/www/html/.well-known/acme-challenge ## accessed by server for e.g. Cerbot but also by SFTP user for things like Stripe ## chown www-data:www-data /var/www/logs ## must be www-data:www-data chown www-data:www-data /var/www/meta ## must be www-data:www-data chown www-data:www-data /var/www/meta/ss-constants.php ## must be www-data:www-data chown root:root /var/www/ss* ## must be root:root ## linux permissions ## chmod 0755 /var/www ## must be 0755 chmod 0775 /var/www/cache ## 6755 should also work chmod 0755 /var/www/cache/opcache ## 755 should also work chmod 0755 /var/www/certs ## must be 0755 chmod 0700 /var/www/certs/keys ## must be 0700 chmod 0644 /var/www/certs/*.crt ## must be 0644 chmod 0644 /var/www/certs/*.pem ## must be 0644 chmod 0600 /var/www/certs/keys/*.key ## must be 0600 chmod 0600 /var/www/certs/keys/*.pem ## must be 0600 chmod 0755 /var/www/crons ## must be 0755 chmod 0700 /var/www/crons/*cron* ## 0700 means only root can execute chmod 0755 /var/www/crons/custom ## must be 0755 chmod 0700 /var/www/crons/custom/*cron* ## 0700 means only root can execute chmod 0755 /var/www/html/.well-known ## accessed by server for e.g. Cerbot but also by SFTP user for things like Stripe ## chmod 0775 /var/www/logs ## 6755 should also work chmod 0775 /var/www/meta ## 6755 should also work chmod 0440 /var/www/meta/ss-constants.php chmod 0700 /var/www/ss* ## 0700 means only root can execute #################################################################################################### ## SS-Worker: Download Latest Blacklist.txt File For Plugin Blacklist (MU Plugin) ################## #################################################################################################### ## here we retrieve the latest plugin blacklist file which might contain urgent changes ## ## maintaining a thoughtful blacklist vastly improves WP performance and security ## ## download latest blacklist (or custom blacklist) ## if [[ -z "$PLUGIN_BLACKLIST_SOURCE" ]] && [[ -z "$SS_WORDPRESS_PLUGIN_BLACKLIST_SOURCE" ]]; then wget -O /tmp/blacklist.txt "$MIRROR_BLACKLIST_TXT" elif [[ -n "$PLUGIN_BLACKLIST_SOURCE" ]]; then wget -O /tmp/blacklist.txt "$PLUGIN_BLACKLIST_SOURCE" elif [[ -n "$SS_WORDPRESS_PLUGIN_BLACKLIST_SOURCE" ]]; then wget -O /tmp/blacklist.txt "$SS_WORDPRESS_PLUGIN_BLACKLIST_SOURCE" fi ## copy file to wp-content directory ## cp /tmp/blacklist.txt /var/www/html/wp-content/blacklist.txt ## reset permissions ## chown www-data:wordpress /var/www/html/wp-content/blacklist.txt ## change to www-data:www-data when ss-perms fixed chmod 0440 /var/www/html/wp-content/blacklist.txt ## NULL blacklist.txt if ss-config false (allows default SS MU plugin to be installed while still being able to disable plugin blacklist) ## if [[ "$SS_PLUGIN_BLACKLIST" == "false" || "$SS_WORDPRESS_PLUGIN_BLACKLIST" == "false" ]]; then cat /dev/null > /var/www/html/wp-content/blacklist.txt cat /dev/null > /var/www/html/dev/wp-content/blacklist.txt cat /dev/null > /var/www/html/staging/wp-content/blacklist.txt fi #################################################################################################### #### H. SS-Worker: Install Ubuntu Swapfile (If Not Exists) ######################################### #################################################################################################### ## CONVERT TO INTERVAL_SS probably better ## this snippet will check if the Linux swapfile exists yet and install if not found ## ## we include here because the swapfile is so helpful in maintaining stability ## ## run ss-install-ubuntu-swapfile ## if [[ ! -f "/var/www/cache/system/swapfile" ]]; then source "$PATH_SS_INSTALL_UBUNTU_SWAPFILE" fi #################################################################################################### #### I. SS-Worker: Generate Lets Encrypt Certificate (If Not Exists) ############################### #################################################################################################### ## here we test if Lets Encrypt certificate symlinks exist and target files exist ## ## if anything appears broken then Certbot will regenerate the certs files ## ## run ss-encrypt-certbot ## # if [[ ! -e "/var/www/certs/fullchain.pem;" ]] || [[ ! -e "/var/www/certs/keys/privkey.pem" ]]; then # source "$PATH_SS_ENCRYPT_CERTBOT" # fi #################################################################################################### #### SS-Worker: Calculate Largest Directories On Server + Update Meta Records ###################### #################################################################################################### # du -a /var/www/html | sort -n -r | head -n 15 #################################################################################################### #### SS-Worker: TEMP Tasks (Urgent Patches From The SlickStack Team) ############################### #################################################################################################### ## our team uses the below space to occassionally add urgent patches to SlickStack ## ## this is usually easier as it doesnt depend on your interval_ss settings ## # source /var/www/ss-install-nginx-config # source /var/www/ss-install-wordpress-cli # source /var/www/ss-install-wordpress-core # source /var/www/ss-install-wordpress-config # source /var/www/ss-install-wordpress-mu-plugins # source /var/www/ss-perms # source /var/www/ss-install-ubuntu-bash # source /var/www/ss-install-ubuntu-users # source /var/www/ss-encrypt-openssl # source /var/www/ss-encrypt-certbot # source /var/www/ss-reboot # source /var/www/ss-install-ubuntu-crontab # source /var/www/ss-update-config # source /var/www/ss-install-ufw # source /var/www/ss-clean-files # OUTDATED_NGINX_CONF=$(grep 'slickstack.crt' /etc/nginx/nginx.conf) # if [[ -n "$OUTDATED_NGINX_CONF" ]]; then # source /var/www/ss-install-nginx-config # fi ## fix ss-config settings ## # sed -i "s|## EOF|## SS_EOF|g" /var/www/ss-config # sed -i "s|@STAGING_SITE_STATUS|true|g" /var/www/ss-config # sed -i "s|@DEV_SITE_STATUS|true|g" /var/www/ss-config # sed -i "s|@DB_NAME|wordpress|g" /var/www/ss-config # sed -i "s|SS_MU_PLUGINS=|SS_WORDPRESS_MU_PLUGINS=|g" /var/www/ss-config ## temp fix to prevent staging/dev malware installs while we settle the ss-install-mysql-database new script rm /var/www/html/dev/wp-config-sample* rm /var/www/html/dev/wp-admin/install.php rm /var/www/html/staging/wp-config-sample* rm /var/www/html/staging/wp-admin/install.php ## temp fix ## sed -i "s|@SS_PILOT_FILE||g" /var/www/ss-config sed -i "s|@SS_WORDPRESS_PLUGIN_BLACKLIST|true|g" /var/www/ss-config #################################################################################################### #### SS-Worker: Cleanup Temporary Files ############################################################ #################################################################################################### ## delete tmp files ## rm /tmp/ss* rm /tmp/*cron* rm /tmp/blacklist* rm /tmp/maintenance.html* #################################################################################################### #### SS-Worker: Reset Permissions (SS Core Bash Scripts + SS Core Cron Jobs) ####################### #################################################################################################### ## SNIPPET: ss-check, ss-worker, ss core cron jobs ## we hardcode this permissions reset snippet into all ss core scripts for redundancy ## ## chmod 0700 means only the root/sudo users can execute the ss core scripts ## ## reset permissions ## chown root:root /var/www/ss* ## must be root:root chown root:root /var/www/crons/*cron* ## must be root:root chmod 0700 /var/www/ss* ## 0700 means root can execute chmod 0700 /var/www/crons/*cron* ## 0700 means root can execute ## THIS SNIPPET DOES NOT RELY ON SS-CONFIG OR SS-FUNCTIONS #################################################################################################### #### SlickStack: External References Used To Improve This Script (Thanks, Interwebz) ############### #################################################################################################### ## Ref: https://linuxize.com/post/bash-functions/ ## Ref: https://www.cyberciti.biz/faq/unix-linux-appleosx-bsd-shell-appending-date-to-filename/ ## Ref: https://wordpress.stackexchange.com/questions/199725/triggering-cron-by-calling-wp-cron-php-on-the-command-line-rather-than-with-wget ## Ref: https://serverfault.com/questions/259302/best-location-to-keep-ssl-certificates-and-private-keys-on-ubuntu-servers ## Ref: https://tldp.org/LDP/abs/html/comparison-ops.html ## Ref: https://stackoverflow.com/questions/33203898/wget-skip-download-if-file-already-exists ## Ref: https://stackoverflow.com/questions/12664534/idealised-wget-download-install-process ## Ref: https://unix.stackexchange.com/questions/471521/how-to-get-only-the-version-number-of-php ## Ref: https://stackoverflow.com/questions/62271695/sed-command-isnt-working-to-extract-the-nginx-version-number ## Ref: https://unix.stackexchange.com/questions/67806/how-to-recursively-find-the-amount-stored-in-directory ## Ref: https://www.tecmint.com/check-linux-disk-usage-of-files-and-directories/ ## Ref: https://dba.stackexchange.com/questions/14337/calculating-disk-space-usage-per-mysql-db ## Ref: https://serverfault.com/questions/693027/how-to-extract-mysql-version-by-bash-script-in-centos-6 ## Ref: https://ss64.com/bash/stat.html ## Ref: https://stackoverflow.com/questions/8714355/turning-multi-line-string-into-single-comma-separated ## Ref: https://unix.stackexchange.com/questions/104881/remove-particular-characters-from-a-variable-using-bash ## Ref: https://unix.stackexchange.com/questions/257514/how-to-delete-the-rest-of-each-line-after-a-certain-pattern-or-a-string-in-a-fil ## Ref: https://stackoverflow.com/questions/8049132/how-can-i-detect-whether-a-symlink-is-broken-in-bash ## SS_EOF