EasyEngine · mbtamuli · Jun 8, 2018 · Jun 6, 2018 · Jun 6, 2018 · Jun 6, 2018
diff --git a/site-command.php b/site-command.php
@@ -1,5 +1,7 @@
 <?php
 
+define( 'EE_CONFIG_TEMPLATE_ROOT', EE_ROOT . '/vendor/easyengine/site-command/templates/config' );
+
 if ( ! class_exists( 'EE' ) ) {
 	return;
 }

diff --git a/src/Site_Command.php b/src/Site_Command.php
@@ -2,8 +2,6 @@
 
 declare( ticks=1 );
 
-use EE\Utils;
-
 /**
  * Creates a simple WordPress Website.
  *
@@ -293,49 +291,69 @@ private function configure_site() {
 		$site_docker_yml         = $this->site_root . '/docker-compose.yml';
 		$site_conf_env           = $this->site_root . '/.env';
 		$site_nginx_default_conf = $site_conf_dir . '/nginx/default.conf';
-		$default_conf            = EE_SITE_CONF_ROOT . "/default/config";
+		$site_php_ini            = $site_conf_dir . '/php-fpm/php.ini';
+		$server_name             = ( 'wpsubdom' === $this->site_type ) ? "$this->site_name *.$this->site_name" : $this->site_name;
+		$process_user            = posix_getpwuid( posix_geteuid() );
 
 		if ( ! $this->create_site_root() ) {
 			EE::error( "Webroot directory for site $this->site_name already exists." );
 		}
+
 		EE::log( "Creating WordPress site $this->site_name..." );
 		EE::log( 'Copying configuration files...' );
+
 		$filter                 = array();
 		$filter[]               = $this->site_type;
 		$filter[]               = $this->cache_type;
 		$site_docker            = new Site_Docker();
 		$docker_compose_content = $site_docker->generate_docker_compose_yml( $filter );
+		$default_conf_content   = $this->generate_default_conf( $this->site_type, $this->cache_type, $server_name );
+		$env_data = [
+			'virtual_host'   => $this->site_name,
+			'root_password'  => $this->db_pass,
+			'mysql_database' => 'wordpress',
+			'mysql_user'     => 'wordpress',
+			'user_password'  => $this->db_pass,
+			'wp_db_host'     => 'db',
+			'user_id'        => $process_user['uid'],
+			'group_id'       => $process_user['gid'],
+		];
+		$env_content            = \EE\Utils\mustache_render( EE_CONFIG_TEMPLATE_ROOT . '/.env.mustache', $env_data );
+		$php_ini_content        = \EE\Utils\mustache_render( EE_CONFIG_TEMPLATE_ROOT . '/php-fpm/php.ini.mustache', [] );
 
 		try {
-			if ( ! ( \EE\Utils\copy_recursive( $default_conf, $site_conf_dir )
-				&& file_put_contents( $site_docker_yml, $docker_compose_content )
-				&& rename( "$site_conf_dir/.env.example", $site_conf_env ) ) ) {
+			if ( ! ( file_put_contents( $site_docker_yml, $docker_compose_content )
+				&& file_put_contents( $site_conf_env, $env_content )
+				&& mkdir( $site_conf_dir )
+				&& mkdir( $site_conf_dir . '/nginx' )
+				&& file_put_contents( $site_nginx_default_conf, $default_conf_content )
+				&& mkdir( $site_conf_dir . '/php-fpm' )
+				&& file_put_contents( $site_php_ini, $php_ini_content ) ) ) {
 				throw new Exception( 'Could not copy configuration files.' );
 			}
-			if ( 'wpsubdir' !== $this->site_type ) {
-				$ee_conf = ( 'wpredis' === $this->cache_type ) ? 'wpredis' : 'wp';
-			} else {
-				$ee_conf = ( 'wpredis' === $this->cache_type ) ? 'wpredis-subdir' : 'wpsubdir';
-			}
-
-			\EE\Utils\copy_recursive( EE_SITE_CONF_ROOT . "/$ee_conf/config", $site_conf_dir );
-
 			EE::success( 'Configuration files copied.' );
-
-			// Updating config file.
-			$server_name = ( 'wpsubdom' === $this->site_type ) ? "$this->site_name *.$this->site_name" : $this->site_name;
-			EE::log( 'Updating configuration files...' );
-			EE::success( 'Configuration files updated.' );
-			if ( ! ( file_put_contents( $site_conf_env, str_replace( [ '{V_HOST}', 'password' ], [ $this->site_name, $this->db_pass ], file_get_contents( $site_conf_env ) ) )
-				&& ( file_put_contents( $site_nginx_default_conf, str_replace( '{V_HOST}', $server_name, file_get_contents( $site_nginx_default_conf ) ) ) ) ) ) {
-				throw new Exception( 'Could not modify configuration files.' );
-			}
 		}
 		catch ( Exception $e ) {
 			$this->catch_clean( $e );
 		}
 	}
 
+	/**
+	 * Function to generate default.conf from mustache templates.
+	 *
+	 * @param string $site_type   Type of site (wpsubdom, wpredis etc..)
+	 * @param string $cache_type  Type of cache(wpredis or none)
+	 * @param string $server_name Name of server to use in virtual_host
+	 */
+	private function generate_default_conf( $site_type, $cache_type, $server_name ) {
+		$default_conf_data['site_type']                    = $site_type;
+		$default_conf_data['server_name']                  = $server_name;
+		$default_conf_data['include_php_conf']             = $cache_type !== 'wpredis';
+		$default_conf_data['include_wpsubdir_conf']        = $site_type === 'wpsubdir';
+		$default_conf_data['include_redis_conf']           = $cache_type === 'wpredis';
+
+		return \EE\Utils\mustache_render( EE_CONFIG_TEMPLATE_ROOT . '/nginx/default.conf.mustache', $default_conf_data );
+	}
 
 	/**
 	 * Function to create site root directory.

diff --git a/src/Site_Docker.php b/src/Site_Docker.php
@@ -52,9 +52,9 @@ public function generate_docker_compose_yml( array $filters = [] ) {
 		$nginx['image']        = array( 'name' => 'easyengine/nginx' );
 		$nginx['depends_on']   = array( 'name' => 'php' );
 		$nginx['restart']      = $restart_default;
-		$v_host                = in_array( 'wpsubdom', $filters ) ? 'VIRTUAL_HOST=${VIRTUAL_HOST},*.${VIRTUAL_HOST}' : 'VIRTUAL_HOST';
+		$v_host                = in_array( 'wpsubdom', $filters ) ? 'VIRTUAL_HOST=${VIRTUAL_HOST},HostRegexp:{subdomain:.+}.${VIRTUAL_HOST}' : 'VIRTUAL_HOST';
 		if ( in_array( 'le', $filters ) ) {
-			$le_v_host            = in_array( 'wpsubdom', $filters ) ? 'LETSENCRYPT_HOST=${VIRTUAL_HOST},*.${VIRTUAL_HOST}' : 'LETSENCRYPT_HOST=${VIRTUAL_HOST}';
+			$le_v_host            = in_array( 'wpsubdom', $filters ) ? 'LETSENCRYPT_HOST=${VIRTUAL_HOST},HostRegexp:{subdomain:.+}.${VIRTUAL_HOST}' : 'LETSENCRYPT_HOST=${VIRTUAL_HOST}';
 			$nginx['environment'] = array( 'env' => array( array( 'name' => $v_host ), array( 'name' => $le_v_host ), array( 'name' => 'LETSENCRYPT_EMAIL=${VIRTUAL_HOST_EMAIL}' ) ) );
 		} else {
 			$nginx['environment'] = array( 'env' => array( array( 'name' => $v_host ) ) );

diff --git a/templates/config/.env.mustache b/templates/config/.env.mustache
@@ -0,0 +1,10 @@
+MYSQL_ROOT_PASSWORD={{root_password}}
+MYSQL_DATABASE={{database_name}}
+MYSQL_USER={{database_user}}
+MYSQL_PASSWORD={{user_password}}
+
+WORDPRESS_DB_HOST={{wp_db_host}}
+VIRTUAL_HOST={{virtual_host}}
+VIRTUAL_HOST_EMAIL=example@{{virtual_host}}
+USER_ID={{user_id}}
+GROUP_ID={{group_id}}
diff --git a/templates/config/nginx/default.conf.mustache b/templates/config/nginx/default.conf.mustache
@@ -0,0 +1,185 @@
+# Add your custom config in custom.conf
+# ALL CHANGES IN THIS FILE WILL BE LOST AFTER EasyEngine Update
+
+server {
+	access_log   /var/log/nginx/access.log;
+	error_log    /var/log/nginx/error.log;
+
+	root /var/www/html;
+
+	server_name {{server_name}};
+
+	index index.php index.html index.htm;
+
+	{{#include_redis_conf}}
+	# Redis NGINX CONFIGURATION
+	set $skip 0;
+	# POST requests and URL with a query string should always go to php
+	if ($request_method = POST) {
+		set $skip 1;
+	}
+	if ($query_string != "") {
+		set $skip 1;
+	}
+	# Don't cache URL containing the following segments
+	if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|wp-.*.php|index.php|/feed/|sitemap(_index)?.xml|[a-z0-9_-]+-sitemap([0-9]+)?.xml)") {
+		set $skip 1;
+	}
+	# Don't use the cache for logged in users or recent commenter or customer with items in cart
+	if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in|woocommerce_items_in_cart") {
+		set $skip 1;
+	}
+	# Use cached or actual file if they exists, Otherwise pass request to WordPress
+	location / {
+		try_files $uri $uri/ /index.php?$args;
+	}
+
+	location /redis-fetch {
+		internal  ;
+		set  $redis_key $args;
+		redis_pass  ee_redis:6379;
+	}
+	location /redis-store {
+		internal  ;
+		set_unescape_uri $key $arg_key ;
+		redis2_query  set $key $echo_request_body;
+		redis2_query expire $key 14400;
+		redis2_pass  ee_redis:6379;
+	}
+
+	location ~ \.php$ {
+		#  add_header Cache-Control "max-age=0, no-cache, no-store, must-revalidate";
+		set $key "nginx-cache:$scheme$request_method$host$request_uri";
+		try_files $uri =404;
+
+		srcache_fetch_skip $skip;
+		srcache_store_skip $skip;
+
+		srcache_response_cache_control off;
+
+		set_escape_uri $escaped_key $key;
+
+		srcache_fetch GET /redis-fetch $key;
+		srcache_store PUT /redis-store key=$escaped_key;
+
+		more_set_headers 'X-SRCache-Fetch-Status $srcache_fetch_status';
+		more_set_headers 'X-SRCache-Store-Status $srcache_store_status';
+
+		include fastcgi_params;
+		fastcgi_pass php:9000;
+	}
+
+	{{/include_redis_conf}}
+
+	{{#include_wpsubdir_conf}}
+	# WPSUBDIRECTORY NGINX CONFIGURATION
+	if (!-e $request_filename) {
+
+		# Redirect wp-admin to wp-admin/
+		rewrite /wp-admin$ $scheme://$host$uri/ permanent;
+
+		# Redirect wp-* files/folders
+		rewrite ^(/[^/]+)?(/wp-.*) $2 last;
+
+		# Redirect other php files
+		rewrite ^(/[^/]+)?(/.*\.php) $2 last;
+	}
+	{{/include_wpsubdir_conf}}
+
+	{{#include_php_conf}}
+	# PHP NGINX CONFIGURATION
+	location / {
+		try_files $uri $uri/ /index.php?$args;
+	}
+	location ~ \.php$ {
+		try_files $uri =404;
+		fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
+		include fastcgi_params;
+		fastcgi_pass php:9000;
+	}
+	{{/include_php_conf}}
+
+	{{! wpcommon.conf }}
+	# WordPress COMMON SETTINGS
+	# Limit access to avoid brute force attack
+	location = /wp-login.php {
+		limit_req zone=one burst=1 nodelay;
+		include fastcgi_params;
+		fastcgi_pass php:9000;
+	}
+	# Disable wp-config.txt
+	location = /wp-config.txt {
+		deny all;
+		access_log off;
+		log_not_found off;
+	}
+	# Disallow php in upload folder
+	location /wp-content/uploads/ {
+		location ~ \.php$ {
+			#Prevent Direct Access Of PHP Files From Web Browsers
+			deny all;
+		}
+	}
+	{{! /wpcommon.conf }}
+
+	{{! locations.conf }}
+	# NGINX CONFIGURATION FOR COMMON LOCATION
+	# Basic locations files
+	location = /favicon.ico {
+		access_log off;
+		log_not_found off;
+		expires max;
+	}
+
+	location = /robots.txt {
+	# Some WordPress plugin gererate robots.txt file
+	# Refer #340 issue
+		try_files $uri $uri/ /index.php?$args;
+		access_log off;
+		log_not_found off;
+	}
+	# Cache static files
+	location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
+		add_header "Access-Control-Allow-Origin" "*";
+		access_log off;
+		log_not_found off;
+		expires max;
+	}
+	# Security settings for better privacy
+	# Deny hidden files
+	location /.well-known {
+		allow all;
+	}
+	location ~ /\. {
+		deny all;
+		access_log off;
+		log_not_found off;
+	}
+	# Deny backup extensions & log files
+	location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
+		deny all;
+		access_log off;
+		log_not_found off;
+	}
+	# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
+	if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
+		return 403;
+	}
+	# Status pages
+	location /nginx_status {
+		stub_status on;
+		access_log off;
+	}
+	location ~ ^/(status|ping) {
+		include fastcgi_params;
+		fastcgi_pass php:9000;
+	}
+	location ~*  \.(css|js)$ {
+		expires 1d;
+		add_header Cache-Control "public, must-revalidate";
+	}
+
+	{{! /locations.conf }}
+
+	client_max_body_size 100m;
+}
diff --git a/templates/config/php-fpm/php.ini.mustache b/templates/config/php-fpm/php.ini.mustache
@@ -0,0 +1,7 @@
+# Custom PHP settings
+
+upload_max_filesize = 100M
+post_max_size = 100M
+
+[mail function]
+sendmail_path = /usr/sbin/sendmail -S mail:1025