fastcgi_cache_path or proxy_cache_path directive."
+msgstr ""
+
+#: includes/settings-page.php:23
+#: includes/settings-page.php:36
+#: nginx-cache.php:128
+msgid "Purge Cache"
+msgstr ""
+
+#: includes/settings-page.php:27
+msgid "Automatically flush the cache when content changes"
+msgstr ""
+
+#: nginx-cache.php:80
+msgid "Cache purged."
+msgstr ""
+
+#: nginx-cache.php:85
+msgid "Cache could not be purged. %s"
+msgstr ""
+
+#: nginx-cache.php:120
+msgid "Nginx"
+msgstr ""
+
+#: nginx-cache.php:155
+msgid "Settings"
+msgstr ""
+
+#: nginx-cache.php:177
+msgid "\"Cache Zone Path\" is not set."
+msgstr ""
+
+#: nginx-cache.php:183
+msgid "\"Cache Zone Path\" does not exist."
+msgstr ""
+
+#: nginx-cache.php:187
+msgid "\"Cache Zone Path\" is not a directory."
+msgstr ""
+
+#: nginx-cache.php:193
+msgid "\"Cache Zone Path\" does not appear to be a Nginx cache zone directory."
+msgstr ""
+
+#: nginx-cache.php:197
+msgid "\"Cache Zone Path\" is not writable."
+msgstr ""
+
+#: nginx-cache.php:204
+msgid "Filesystem API could not be initialized."
+msgstr ""
diff --git a/conf/nginx-cache-custom/nginx-cache.php b/conf/nginx-cache-custom/nginx-cache.php
new file mode 100644
index 0000000..89fee6c
--- /dev/null
+++ b/conf/nginx-cache-custom/nginx-cache.php
@@ -0,0 +1,316 @@
+screen, array( $this, 'do_admin_actions' ) );
+ add_action( 'load-' . $this->screen, array( $this, 'add_settings_notices' ) );
+ }
+
+ public function register_purge_actions() {
+
+ // use `nginx_cache_purge_actions` filter to alter default purge actions
+ $purge_actions = (array) apply_filters(
+ 'nginx_cache_purge_actions',
+ array(
+ 'publish_phone', 'save_post', 'edit_post', 'delete_post', 'wp_trash_post', 'clean_post_cache',
+ 'trackback_post', 'pingback_post', 'comment_post', 'edit_comment', 'delete_comment', 'wp_set_comment_status',
+ 'switch_theme', 'wp_update_nav_menu', 'edit_user_profile_update'
+ )
+ );
+
+ foreach ( $purge_actions as $action ) {
+ if ( did_action( $action ) ) {
+ $this->purge_zone_once();
+ } else {
+ add_action( $action, array( $this, 'purge_zone_once' ) );
+ }
+ }
+
+ }
+
+ public function register_settings() {
+
+ register_setting( 'nginx-cache', 'nginx_cache_path', 'sanitize_text_field' );
+ register_setting( 'nginx-cache', 'nginx_auto_purge', 'absint' );
+
+ }
+
+ public function add_settings_notices() {
+
+// $path_error = $this->is_valid_path();
+
+ if ( isset( $_GET[ 'message' ] ) && ! isset( $_GET[ 'settings-updated' ] ) ) {
+
+ // show cache purge success message
+ if ( $_GET[ 'message' ] === 'cache-purged' ) {
+ add_settings_error( '', 'nginx_cache_path', __( 'Cache purged.', 'nginx-cache' ), 'updated' );
+ }
+
+ // show cache purge failure message
+ if ( $_GET[ 'message' ] === 'purge-cache-failed' ) {
+ add_settings_error( '', 'nginx_cache_path', sprintf( __( 'Cache could not be purged. %s', 'nginx-cache' ), wptexturize( $path_error->get_error_message() ) ) );
+ }
+
+ } elseif ( is_wp_error( $path_error ) && $path_error->get_error_code() === 'fs' ) {
+
+ // show cache path problem message
+ add_settings_error( '', 'nginx_cache_path', wptexturize( $path_error->get_error_message( 'fs' ) ) );
+
+ }
+
+ }
+
+ public function do_admin_actions() {
+
+ // purge cache
+ if ( isset( $_GET[ 'action' ] ) && $_GET[ 'action' ] === 'purge-cache' && wp_verify_nonce( $_GET[ '_wpnonce' ], 'purge-cache' ) ) {
+
+ $result = $this->purge_zone();
+ wp_safe_redirect( admin_url( add_query_arg( 'message', is_wp_error( $result ) ? 'purge-cache-failed' : 'cache-purged', $this->admin_page ) ) );
+ exit;
+
+ }
+
+ }
+
+ public function add_admin_bar_node( $wp_admin_bar ) {
+
+ // verify user capability
+ if ( ! current_user_can( $this->capability ) ) {
+ return;
+ }
+
+ // add "Nginx" node to admin-bar
+ $wp_admin_bar->add_node( array(
+ 'id' => 'nginx-cache',
+ 'title' => __( 'Nginx', 'nginx-cache' ),
+ 'href' => admin_url( $this->admin_page )
+ ) );
+
+ // add "Purge Cache" to "Nginx" node
+ $wp_admin_bar->add_node( array(
+ 'parent' => 'nginx-cache',
+ 'id' => 'purge-cache',
+ 'title' => __( 'Purge Cache', 'nginx-cache' ),
+ 'href' => wp_nonce_url( admin_url( add_query_arg( 'action', 'purge-cache', $this->admin_page ) ), 'purge-cache' )
+ ) );
+
+ }
+
+ public function add_admin_menu_page() {
+
+ // add "Tools" sub-page
+ add_management_page(
+ __( 'Nginx Cache', 'nginx-cache' ),
+ __( 'Nginx Cache', 'nginx-cache' ),
+ $this->capability,
+ 'nginx-cache',
+ array( $this, 'show_settings_page' )
+ );
+
+ }
+
+ public function show_settings_page() {
+ require_once plugin_dir_path( __FILE__ ) . '/includes/settings-page.php';
+ }
+
+ public function add_plugin_actions_links( $links ) {
+
+ // add settings link to plugin actions
+ return array_merge(
+ array( '' . __( 'Settings', 'nginx-cache' ) . '' ),
+ $links
+ );
+
+ }
+
+ public function enqueue_admin_styles( $hook_suffix ) {
+
+ if ( $hook_suffix === $this->screen ) {
+ $plugin = get_plugin_data( __FILE__ );
+ wp_enqueue_style( 'nginx-cache', plugin_dir_url( __FILE__ ) . 'includes/settings-page.css', null, $plugin[ 'Version' ] );
+ }
+
+ }
+
+ private function is_valid_path() {
+
+ global $wp_filesystem;
+
+ $path = get_option( 'nginx_cache_path' );
+
+ if ( empty( $path ) ) {
+ return new WP_Error( 'empty', __( '"Cache Zone Path" is not set.', 'nginx-cache' ) );
+ }
+
+ if ( $this->initialize_filesystem() ) {
+
+ if ( ! $wp_filesystem->exists( $path ) ) {
+ return new WP_Error( 'fs', __( '"Cache Zone Path" does not exist.', 'nginx-cache' ) );
+ }
+
+ if ( ! $wp_filesystem->is_dir( $path ) ) {
+ return new WP_Error( 'fs', __( '"Cache Zone Path" is not a directory.', 'nginx-cache' ) );
+ }
+
+ $list = $wp_filesystem->dirlist( $path, true, true );
+
+ if ( is_array( $list ) && ! $this->validate_dirlist( $list ) ) {
+ return new WP_Error( 'fs', __( '"Cache Zone Path" does not appear to be a Nginx cache zone directory.', 'nginx-cache' ) );
+ }
+
+ if ( ! $wp_filesystem->is_writable( $path ) ) {
+ return new WP_Error( 'fs', __( '"Cache Zone Path" is not writable.', 'nginx-cache' ) );
+ }
+
+ return true;
+
+ }
+
+ return new WP_Error( 'fs', __( 'Filesystem API could not be initialized.', 'nginx-cache' ) );
+
+ }
+
+ private function validate_dirlist( $list ) {
+
+ foreach ( $list as $item ) {
+
+ // abort if file is not a MD5 hash
+ if ( $item[ 'type' ] === 'f' && ( strlen( $item[ 'name' ] ) !== 32 || ! ctype_xdigit( $item[ 'name' ] ) ) ) {
+ return false;
+ }
+
+ // validate subdirectories recursively
+ if ( $item[ 'type' ] === 'd' && ! $this->validate_dirlist( $item[ 'files' ] ) ) {
+ return false;
+ }
+
+ }
+
+ return true;
+
+ }
+
+ public function purge_zone_once() {
+
+ static $completed = false;
+
+ if ( ! $completed ) {
+ $this->purge_zone();
+ $completed = true;
+ }
+
+ }
+
+ private function purge_zone() {
+
+ global $wp_filesystem;
+
+ if ( ! $this->should_purge() ) {
+ return false;
+ }
+
+// $path = get_option( 'nginx_cache_path' );
+// $path_error = $this->is_valid_path();
+
+ // abort if cache zone path is not valid
+// if ( is_wp_error( $path_error ) ) {
+// return $path_error;
+// }
+
+ // delete cache directory (recursively)
+// $wp_filesystem->rmdir( $path, true );
+
+ // recreate empty cache directory
+// $wp_filesystem->mkdir( $path );
+
+ system('sudo /bin/rm -r /var/run/nginx-cache/APP_NAME/*');
+
+ do_action( 'nginx_cache_zone_purged', $path );
+
+ return true;
+
+ }
+
+ private function should_purge() {
+
+ $post_type = get_post_type();
+
+ if ( ! $post_type ) {
+ return true;
+ }
+
+ if ( ! in_array( $post_type, (array) apply_filters( 'nginx_cache_excluded_post_types', array() ) ) ) {
+ return true;
+ }
+
+ return false;
+ }
+
+ private function initialize_filesystem() {
+
+ $path = get_option( 'nginx_cache_path' );
+
+ // if the cache directory doesn't exist, try to create it
+ if ( ! file_exists( $path ) ) {
+ mkdir( $path );
+ }
+
+ // load WordPress file API?
+ if ( ! function_exists( 'request_filesystem_credentials' ) ) {
+ require_once ABSPATH . 'wp-admin/includes/file.php';
+ }
+
+ ob_start();
+ $credentials = request_filesystem_credentials( '', '', false, $path, null, true );
+ ob_end_clean();
+
+ if ( $credentials === false ) {
+ return false;
+ }
+
+ if ( ! WP_Filesystem( $credentials, $path, true ) ) {
+ return false;
+ }
+
+ return true;
+
+ }
+
+}
+
+new NginxCache;
diff --git a/conf/nginx-cache-custom/readme.txt b/conf/nginx-cache-custom/readme.txt
new file mode 100644
index 0000000..b6bb44a
--- /dev/null
+++ b/conf/nginx-cache-custom/readme.txt
@@ -0,0 +1,66 @@
+=== Nginx Cache ===
+Contributors: tillkruess
+Donate link: https://github.com/sponsors/tillkruss
+Tags: nginx, nginx cache, cache, caching, purge, purge cache, flush, flush cache, server, performance, optimize, speed, load, fastcgi, fastcgi purge, proxy, proxy purge, reverse proxy
+Requires at least: 3.1
+Tested up to: 5.6
+Stable tag: 1.0.5
+License: GPLv3
+License URI: http://www.gnu.org/licenses/gpl-3.0.html
+
+Purge the Nginx cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.
+
+
+== Description ==
+
+Purge the [Nginx](http://nginx.org) cache (FastCGI, Proxy, uWSGI) automatically when content changes or manually within WordPress.
+
+Requirements:
+
+ * The [Filesystem API](http://codex.wordpress.org/Filesystem_API) needs to function without asking for credentials.
+ * Nginx and PHP need to run under the same user, or PHP's user needs write access to Nginx's cache path.
+
+
+== Installation ==
+
+For detailed installation instructions, please read the [standard installation procedure for WordPress plugins](http://codex.wordpress.org/Managing_Plugins#Installing_Plugins).
+
+1. Install and activate plugin.
+2. Enter "Cache Zone Path" under _Tools -> Nginx_.
+3. Done.
+
+
+== Screenshots ==
+
+1. Plugin settings page.
+
+
+== Changelog ==
+
+= 1.0.5 =
+
+ * Added `nginx_cache_zone_purged` action
+
+= 1.0.4 =
+
+ * Improved translatable strings
+ * Fixed auto-purge bug
+ * Fixed bug when validating directory
+
+= 1.0.3 =
+
+ * Create cache directory if it doesn't exists
+ * Re-create cache directory after cache purge
+ * Allow post types to be excluded from triggering a cache purge
+
+= 1.0.2 =
+
+ * Fixed 4.6 issue with file-system credentials
+
+= 1.0.1 =
+
+ * Improved testing of file-system credentials
+
+= 1.0 =
+
+ * Initial release
diff --git a/conf/nginx-cache.conf b/conf/nginx-cache.conf
new file mode 100644
index 0000000..bdc0279
--- /dev/null
+++ b/conf/nginx-cache.conf
@@ -0,0 +1,312 @@
+#--MULTISITE--if (!-e $request_filename) {
+ #--MULTISITE--rewrite /wp-admin$ $scheme://$host$uri/ permanent;
+ #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/wp-.*) __PATH__$2 last;
+ #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/.*\.php)$ __PATH__$2 last;
+#--MULTISITE--}
+
+# fallback for robots.txt with default wordpress rules
+location @robots {
+ return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n";
+}
+
+location @empty_gif {
+ empty_gif;
+}
+
+add_header X-fastcgi-cache $upstream_cache_status;
+
+#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
+location __PATH__/ {
+
+ # Path to source
+ alias __FINALPATH__/;
+
+ index index.php;
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
+ }
+
+ # Force usage of https
+ if ($scheme = http) {
+ rewrite ^ https://$server_name$request_uri? permanent;
+ }
+
+ client_max_body_size 1G;
+ location ~ [^/]\.php(/|$) {
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ fastcgi_cache_bypass $skip_cache;
+ fastcgi_no_cache $skip_cache;
+ fastcgi_cache __NAME__;
+ fastcgi_cache_valid 60m;
+ }
+
+ ##### CACHE CONFIGURATION #####
+
+ set $skip_cache 0;
+
+ # POST requests and urls with a query string should always go to PHP
+ if ($request_method = POST) {
+ set $skip_cache 1;
+ }
+ if ($query_string != "") {
+ set $skip_cache 1;
+ }
+
+ # Don't cache uris containing the following segments
+ if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
+ set $skip_cache 1;
+ }
+
+ # Don't use the cache for logged in users or recent commenters
+ if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
+ set $skip_cache 1;
+ }
+
+ location ~ /purge(/.*) {
+ fastcgi_cache_purge __NAME__ "$scheme$request_method$host$1";
+ }
+
+ location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
+ access_log off; log_not_found off; expires max;
+ }
+
+ location ~ /\. { deny all; access_log off; log_not_found off; }
+
+ ##### SECURITY CONFIGURATION #####
+
+ location = /wp-login.php {
+ limit_req zone=one burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ fastcgi_cache_bypass $skip_cache;
+ fastcgi_no_cache $skip_cache;
+ fastcgi_cache __NAME__;
+ fastcgi_cache_valid 60m;
+ }
+ # Prevent DoS attacks on wp-cron
+ location = /wp-cron.php {
+ limit_req zone=two burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ fastcgi_cache_bypass $skip_cache;
+ fastcgi_no_cache $skip_cache;
+ fastcgi_cache __NAME__;
+ fastcgi_cache_valid 60m;
+ }
+ # Prevent DoS attacks with xmlrpc.php
+ location = /xmlrpc.php {
+ limit_req zone=two burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ fastcgi_cache_bypass $skip_cache;
+ fastcgi_no_cache $skip_cache;
+ fastcgi_cache __NAME__;
+ fastcgi_cache_valid 60m;
+ }
+ # Disable wp-config.txt
+ location = /wp-config.txt {
+ deny all;
+ access_log off;
+ log_not_found off;
+ }
+ location = /robots.txt {
+ # Some WordPress plugin gererate robots.txt file
+ # Refer #340 issue
+ try_files $uri $uri/ /index.php?$args @robots;
+ access_log off;
+ log_not_found off;
+ }
+ # webp rewrite rules for jpg and png images
+ # try to load alternative image.png.webp before image.png
+ location /wp-content/uploads {
+ location ~ \.(png|jpe?g)$ {
+ add_header Vary "Accept-Encoding";
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ try_files $uri$webp_suffix $uri =404;
+ }
+ location ~* \.(php|gz|log|zip|tar|rar|xz)$ {
+ #Prevent Direct Access Of PHP Files & Backups from Web Browsers
+ deny all;
+ }
+ }
+ # webp rewrite rules for EWWW testing image
+ location /wp-content/plugins/ewww-image-optimizer/images {
+ location ~ \.(png|jpe?g)$ {
+ add_header Vary "Accept-Encoding";
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ try_files $uri$webp_suffix $uri =404;
+ }
+ location ~ \.php$ {
+ #Prevent Direct Access Of PHP Files From Web Browsers
+ deny all;
+ }
+ }
+ # enable gzip on static assets - php files are forbidden
+ location /wp-content/cache {
+ # Cache css & js files
+ location ~* \.(?:css(\.map)?|js(\.map)?|.html)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ access_log off;
+ log_not_found off;
+ expires 30d;
+ }
+ location ~ \.php$ {
+ #Prevent Direct Access Of PHP Files From Web Browsers
+ deny all;
+ }
+ }
+ # Deny access to any files with a .php extension in the uploads directory
+ # Works in sub-directory installs and also in multisite network
+ # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
+ location ~* /(?:uploads|files)/.*\.php$ {
+ deny all;
+ }
+ # mitigate DoS attack CVE with WordPress script concatenation
+ # add the following line to wp-config.php
+ # define( 'CONCATENATE_SCRIPTS', false );
+ location ~ \/wp-admin\/load-(scripts|styles).php {
+ deny all;
+ }
+ # Protect Easy Digital Download files from being accessed directly.
+ location ~ ^/wp-content/uploads/edd/(.*?)\.zip$ {
+ rewrite / permanent;
+ }
+
+ ##### ADDITIONAL LOCATIONS #####
+
+ # Basic locations files
+ location = /favicon.ico {
+ try_files /wp-content/uploads/fbrfg/favicon.ico $uri $uri/ /index.php?$args @empty_gif;
+ access_log off;
+ log_not_found off;
+ expires max;
+ }
+
+ # Cache static files
+ location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json|webmanifest|cast)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ }
+ # Cache css & js files
+ location ~* \.(?:css(\.map)?|js(\.map)?)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires 30d;
+ }
+ # Security settings for better privacy
+ # Deny hidden files
+ location ~ /\.(?!well-known\/) {
+ deny all;
+ }
+ # letsencrypt validation
+ location /.well-known/acme-challenge/ {
+ alias /var/www/html/.well-known/acme-challenge/;
+ allow all;
+ auth_basic off;
+ }
+ # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
+ location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
+ deny all;
+ }
+ # Deny backup extensions & log files and return 403 forbidden
+ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf|gz|zip|bz2|7z|pem|asc|conf|dump)$" {
+ deny all;
+ }
+ location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
+ deny all;
+ }
+
+ # block base64_encoded content
+ location ~* "(base64_encode)(.*)(\()" {
+ deny all;
+ }
+
+ # block javascript eval()
+ location ~* "(eval\()" {
+ deny all;
+ }
+
+ # Additional security settings
+
+ location ~* "(127\.0\.0\.1)" {
+ deny all;
+ }
+ location ~* "([a-z0-9]{2000})" {
+ deny all;
+ }
+ location ~* "(javascript\:)(.*)(\;)" {
+ deny all;
+ }
+ location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
+ deny all;
+ }
+ location ~* "(<|%3C).*script.*(>|%3)" {
+ deny all;
+ }
+ location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
+ deny all;
+ }
+ location ~* "(boot\.ini|etc/passwd|self/environ)" {
+ deny all;
+ }
+ location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
+ deny all;
+ }
+ location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
+ deny all;
+ }
+ location ~* "(https?|ftp|php):/" {
+ deny all;
+ }
+ location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
+ deny all;
+ }
+ location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
+ deny all;
+ }
+ location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
+ deny all;
+ }
+
+ # Include SSOWAT user panel.
+ include conf.d/yunohost_panel.conf.inc;
+}
\ No newline at end of file
diff --git a/conf/nginx-standard.conf b/conf/nginx-standard.conf
new file mode 100644
index 0000000..c962095
--- /dev/null
+++ b/conf/nginx-standard.conf
@@ -0,0 +1,268 @@
+#--MULTISITE--if (!-e $request_filename) {
+ #--MULTISITE--rewrite /wp-admin$ $scheme://$host$uri/ permanent;
+ #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/wp-.*) __PATH__$2 last;
+ #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/.*\.php)$ __PATH__$2 last;
+#--MULTISITE--}
+
+# fallback for robots.txt with default wordpress rules
+location @robots {
+ return 200 "User-agent: *\nDisallow: /wp-admin/\nAllow: /wp-admin/admin-ajax.php\n";
+}
+
+location @empty_gif {
+ empty_gif;
+}
+
+#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
+location __PATH__/ {
+
+ # Path to source
+ alias __FINALPATH__/;
+
+ index index.php;
+ if (!-e $request_filename)
+ {
+ rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
+ }
+
+ # Force usage of https
+ if ($scheme = http) {
+ rewrite ^ https://$server_name$request_uri? permanent;
+ }
+
+ client_max_body_size 1G;
+ location ~ [^/]\.php(/|$) {
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ }
+
+ location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
+ access_log off; log_not_found off; expires max;
+ }
+
+ location ~ /\. { deny all; access_log off; log_not_found off; }
+
+ ##### SECURITY CONFIGURATION #####
+
+ location = /wp-login.php {
+ limit_req zone=one burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ }
+ # Prevent DoS attacks on wp-cron
+ location = /wp-cron.php {
+ limit_req zone=two burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ }
+ # Prevent DoS attacks with xmlrpc.php
+ location = /xmlrpc.php {
+ limit_req zone=two burst=1 nodelay;
+ fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+ fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
+ fastcgi_index index.php;
+ include fastcgi_params;
+ fastcgi_param REMOTE_USER $remote_user;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ try_files $uri =404;
+ }
+ # Disable wp-config.txt
+ location = /wp-config.txt {
+ deny all;
+ access_log off;
+ log_not_found off;
+ }
+ location = /robots.txt {
+ # Some WordPress plugin gererate robots.txt file
+ # Refer #340 issue
+ try_files $uri $uri/ /index.php?$args @robots;
+ access_log off;
+ log_not_found off;
+ }
+ # webp rewrite rules for jpg and png images
+ # try to load alternative image.png.webp before image.png
+ location /wp-content/uploads {
+ location ~ \.(png|jpe?g)$ {
+ add_header Vary "Accept-Encoding";
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ try_files $uri$webp_suffix $uri =404;
+ }
+ location ~* \.(php|gz|log|zip|tar|rar|xz)$ {
+ #Prevent Direct Access Of PHP Files & Backups from Web Browsers
+ deny all;
+ }
+ }
+ # webp rewrite rules for EWWW testing image
+ location /wp-content/plugins/ewww-image-optimizer/images {
+ location ~ \.(png|jpe?g)$ {
+ add_header Vary "Accept-Encoding";
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ try_files $uri$webp_suffix $uri =404;
+ }
+ location ~ \.php$ {
+ #Prevent Direct Access Of PHP Files From Web Browsers
+ deny all;
+ }
+ }
+ # enable gzip on static assets - php files are forbidden
+ location /wp-content/cache {
+ # Cache css & js files
+ location ~* \.(?:css(\.map)?|js(\.map)?|.html)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ access_log off;
+ log_not_found off;
+ expires 30d;
+ }
+ location ~ \.php$ {
+ #Prevent Direct Access Of PHP Files From Web Browsers
+ deny all;
+ }
+ }
+ # Deny access to any files with a .php extension in the uploads directory
+ # Works in sub-directory installs and also in multisite network
+ # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
+ location ~* /(?:uploads|files)/.*\.php$ {
+ deny all;
+ }
+ # mitigate DoS attack CVE with WordPress script concatenation
+ # add the following line to wp-config.php
+ # define( 'CONCATENATE_SCRIPTS', false );
+ location ~ \/wp-admin\/load-(scripts|styles).php {
+ deny all;
+ }
+ # Protect Easy Digital Download files from being accessed directly.
+ location ~ ^/wp-content/uploads/edd/(.*?)\.zip$ {
+ rewrite / permanent;
+ }
+
+ ##### ADDITIONAL LOCATIONS #####
+
+ # Basic locations files
+ location = /favicon.ico {
+ try_files /wp-content/uploads/fbrfg/favicon.ico $uri $uri/ /index.php?$args @empty_gif;
+ access_log off;
+ log_not_found off;
+ expires max;
+ }
+
+ # Cache static files
+ location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json|webmanifest|cast)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires max;
+ }
+ # Cache css & js files
+ location ~* \.(?:css(\.map)?|js(\.map)?)$ {
+ more_set_headers 'Access-Control-Allow-Origin : *';
+ more_set_headers "Cache-Control : public, no-transform";
+ access_log off;
+ log_not_found off;
+ expires 30d;
+ }
+ # Security settings for better privacy
+ # Deny hidden files
+ location ~ /\.(?!well-known\/) {
+ deny all;
+ }
+ # letsencrypt validation
+ location /.well-known/acme-challenge/ {
+ alias /var/www/html/.well-known/acme-challenge/;
+ allow all;
+ auth_basic off;
+ }
+ # Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html) or other common git repository files
+ location ~* "/(^$|readme|license|example|README|LEGALNOTICE|INSTALLATION|CHANGELOG)\.(txt|html|md)" {
+ deny all;
+ }
+ # Deny backup extensions & log files and return 403 forbidden
+ location ~* "\.(old|orig|original|php#|php~|php_bak|save|swo|aspx?|tpl|sh|bash|bak?|cfg|cgi|dll|exe|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|tar|rdf|gz|zip|bz2|7z|pem|asc|conf|dump)$" {
+ deny all;
+ }
+ location ~* "/(=|\$&|_mm|(wp-)?config\.|cgi-|etc/passwd|muieblack)" {
+ deny all;
+ }
+
+ # block base64_encoded content
+ location ~* "(base64_encode)(.*)(\()" {
+ deny all;
+ }
+
+ # block javascript eval()
+ location ~* "(eval\()" {
+ deny all;
+ }
+
+ # Additional security settings
+
+ location ~* "(127\.0\.0\.1)" {
+ deny all;
+ }
+ location ~* "([a-z0-9]{2000})" {
+ deny all;
+ }
+ location ~* "(javascript\:)(.*)(\;)" {
+ deny all;
+ }
+ location ~* "(GLOBALS|REQUEST)(=|\[|%)" {
+ deny all;
+ }
+ location ~* "(<|%3C).*script.*(>|%3)" {
+ deny all;
+ }
+ location ~ "(\\|\.\.\.|\.\./|~|`|<|>|\|)" {
+ deny all;
+ }
+ location ~* "(boot\.ini|etc/passwd|self/environ)" {
+ deny all;
+ }
+ location ~* "(thumbs?(_editor|open)?|tim(thumb)?)\.php" {
+ deny all;
+ }
+ location ~* "(\'|\")(.*)(drop|insert|md5|select|union)" {
+ deny all;
+ }
+ location ~* "(https?|ftp|php):/" {
+ deny all;
+ }
+ location ~* "(=\\\'|=\\%27|/\\\'/?)\." {
+ deny all;
+ }
+ location ~ "(\{0\}|\(/\(|\.\.\.|\+\+\+|\\\"\\\")" {
+ deny all;
+ }
+ location ~ "(~|`|<|>|:|;|%|\\|\s|\{|\}|\[|\]|\|)" {
+ deny all;
+ }
+
+ # Include SSOWAT user panel.
+ include conf.d/yunohost_panel.conf.inc;
+}
\ No newline at end of file
diff --git a/conf/nginx.conf b/conf/nginx.conf
deleted file mode 100644
index 2b5cf35..0000000
--- a/conf/nginx.conf
+++ /dev/null
@@ -1,37 +0,0 @@
-#--MULTISITE--if (!-e $request_filename) {
- #--MULTISITE--rewrite /wp-admin$ $scheme://$host$uri/ permanent;
- #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/wp-.*) __PATH__$2 last;
- #--MULTISITE--rewrite ^__PATH__(/[^/]+)?(/.*\.php)$ __PATH__$2 last;
-#--MULTISITE--}
-
-#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
-location __PATH__/ {
-
- # Path to source
- alias __FINALPATH__/;
-
- index index.php;
- if (!-e $request_filename)
- {
- rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
- }
-
- # Force usage of https
- if ($scheme = http) {
- rewrite ^ https://$server_name$request_uri? permanent;
- }
-
- client_max_body_size 30m;
- location ~ [^/]\.php(/|$) {
- fastcgi_split_path_info ^(.+?\.php)(/.*)$;
- fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
- fastcgi_index index.php;
- include fastcgi_params;
- fastcgi_param REMOTE_USER $remote_user;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_param SCRIPT_FILENAME $request_filename;
- }
-
- # Include SSOWAT user panel.
- include conf.d/yunohost_panel.conf.inc;
-}
diff --git a/manifest.json b/manifest.json
index 19028b4..e98b6f7 100644
--- a/manifest.json
+++ b/manifest.json
@@ -36,7 +36,7 @@
"fr": "Choisissez un domaine pour WordPress"
},
"example": "domain.org",
- "default": "site.yntest.weblibre.ca"
+ "default": "s8.yntest.weblibre.ca"
},
{
"name": "domain_dev",
@@ -119,13 +119,13 @@
"optional": true
},
{
- "name": "switch",
+ "name": "cache",
"type": "boolean",
"ask": {
- "en": "Do not enter anything",
- "fr": "Ne rien entrer ici"
+ "en": "Enable cache for main website?",
+ "fr": "Activer la cache pour le site principal?"
},
- "default": false
+ "default": true
},
{
"name": "phpversion",
@@ -136,6 +136,15 @@
},
"choices": ["7.0" , "7.1", "7.2", "7.3", "7.4"],
"default": "7.3"
+ },
+ {
+ "name": "switch",
+ "type": "boolean",
+ "ask": {
+ "en": "Do not enter anything",
+ "fr": "Ne rien entrer ici"
+ },
+ "default": true
}
]
}
diff --git a/scripts/install b/scripts/install
index 527575b..e0b2283 100644
--- a/scripts/install
+++ b/scripts/install
@@ -29,6 +29,7 @@ language=$YNH_APP_ARG_LANGUAGE
multisite=$YNH_APP_ARG_MULTISITE
is_public=$YNH_APP_ARG_IS_PUBLIC
repo=$YNH_APP_ARG_REPO
+cache=$YNH_APP_ARG_CACHE
switch=$YNH_APP_ARG_SWITCH
app=$YNH_APP_INSTANCE_NAME
@@ -71,6 +72,7 @@ ynh_app_setting_set --app=$app --key=admin --value=$admin_wordpress
ynh_app_setting_set --app=$app --key=language --value=$language
ynh_app_setting_set --app=$app --key=multisite --value=$multisite
ynh_app_setting_set --app=$app --key=repo --value=$repo
+ynh_app_setting_set --app=$app --key=cache --value=$cache
ynh_app_setting_set --app=$app --key=overwrite_nginx --value=1
ynh_app_setting_set --app=$app --key=overwrite_phpfpm --value=1
@@ -110,14 +112,6 @@ then
ynh_setup_source --dest_dir="$final_path"
fi
-#=================================================
-# NGINX CONFIGURATION
-#=================================================
-ynh_script_progression --message="Configuring NGINX web server..." --weight=3
-
-# Create a dedicated NGINX config
-ynh_add_nginx_config
-
#=================================================
# CREATE DEDICATED USER
#=================================================
@@ -126,6 +120,41 @@ ynh_script_progression --message="Configuring system user..." --weight=3
# Create a dedicated system user
ynh_system_user_create --username=$app
+#=================================================
+# NGINX CONFIGURATION
+#=================================================
+ynh_script_progression --message="Configuring NGINX web server..." --weight=3
+
+if [ ! -f /etc/nginx/conf.d/fastcgi.conf ];
+then
+ cp ../conf/fastcgi.conf /etc/nginx/conf.d/fastcgi.conf
+fi
+
+if [ $cache -eq 1 ]
+then
+ #=================================================
+ # Add fastcgi_cache settings
+ #=================================================
+
+ mkdir -p /var/run/nginx-cache/$app
+ chmod 750 /var/run/nginx-cache/$app
+ chgrp $app /var/run/nginx-cache/$app
+
+ echo "fastcgi_cache_path /var/run/nginx-cache/$app levels=1:2 keys_zone=$app:50m inactive=6h max_size=256M;" > /tmp/newfile
+ cat /etc/nginx/conf.d/$domain.conf >> /tmp/newfile
+ cp /tmp/newfile /etc/nginx/conf.d/$domain.conf
+ rm /tmp/newfile
+
+ cp ../conf/nginx-cache.conf ../conf/nginx.conf
+else
+ cp ../conf/nginx-standard.conf ../conf/nginx.conf
+fi
+
+systemctl reload nginx
+
+# Create a dedicated NGINX config
+ynh_add_nginx_config
+
#=================================================
# PHP-FPM CONFIGURATION
#=================================================
@@ -208,6 +237,15 @@ $wpcli_alias plugin install http-authentication
$wpcli_alias plugin install companion-auto-update
$wpcli_alias plugin install wp-fail2ban-redux
+if [ $cache -eq 1 ]
+then
+ cp -r ../conf/nginx-cache-custom $final_path/wp-content/plugins/nginx-cache-custom
+
+ ynh_replace_string --match_string="APP_NAME" --replace_string="$app" --target_file=/$final_path/wp-content/plugins/nginx-cache-custom/nginx-cache.php
+
+ echo "$app ALL=(root) NOPASSWD: /bin/rm -r /var/run/nginx-cache/$app/*" >> /etc/sudoers
+fi
+
#=================================================
# SET LANGUAGE
#=================================================
@@ -261,6 +299,12 @@ $wpcli_alias plugin activate authldap $plugin_network
$wpcli_alias plugin activate companion-auto-update $plugin_network
$wpcli_alias plugin activate wp-fail2ban-redux $plugin_network
+
+if [ $cache -eq 1 ]
+then
+ $wpcli_alias plugin activate nginx-cache-custom $plugin_network
+fi
+
#=================================================
# STORE THE CONFIG FILE CHECKSUM
#=================================================
@@ -349,7 +393,7 @@ ynh_script_progression --message="Installation of $app completed" --last
if [ $switch -eq 1 ]
then
- yunohost app install -f /home/gcossette/wordpress_ynh -a "domain=$domain_dev&domain_dev=s8-dev.yntest.weblibre.ca&domain_staging=s8-staging.yntest.weblibre.ca&path=/&admin=gcossette&language=en_US&multisite=false&is_public=true&repo=&switch=0"
+ yunohost app install -f /home/gcossette/wordpress_ynh -a "domain=$domain_dev&domain_dev=s8-dev.yntest.weblibre.ca&domain_staging=s8-staging.yntest.weblibre.ca&path=/&admin=gcossette&language=en_US&multisite=false&is_public=true&repo=&cache=0&switch=0"
- yunohost app install -f /home/gcossette/wordpress_ynh -a "domain=$domain_staging&domain_dev=s8-dev.yntest.weblibre.ca&domain_staging=s8-staging.yntest.weblibre.ca&path=/&admin=gcossette&language=en_US&multisite=false&is_public=true&repo=&switch=0"
+ yunohost app install -f /home/gcossette/wordpress_ynh -a "domain=$domain_staging&domain_dev=s8-dev.yntest.weblibre.ca&domain_staging=s8-staging.yntest.weblibre.ca&path=/&admin=gcossette&language=en_US&multisite=false&is_public=true&repo=&cache=0&switch=0"
fi
\ No newline at end of file
diff --git a/scripts/remove b/scripts/remove
index 47b57cc..028d224 100755
--- a/scripts/remove
+++ b/scripts/remove
@@ -15,21 +15,13 @@ source /usr/share/yunohost/helpers
ynh_script_progression --message="Loading installation settings..." --weight=2
app=$YNH_APP_INSTANCE_NAME
-app_dev=$app-dev
-app_staging=$app-staging
-app_initial=$app
domain=$(ynh_app_setting_get --app=$app --key=domain)
-db_name=$(ynh_app_setting_get --app=$app --key=db_name)
-final_path=$(ynh_app_setting_get --app=$app --key=final_path)
-
domain_dev=$(ynh_app_setting_get --app=$app --key=domain_dev)
-db_name_dev=$(ynh_app_setting_get --app=$app --key=db_name_dev)
-final_path_dev=$(ynh_app_setting_get --app=$app --key=final_path_dev)
-
domain_staging=$(ynh_app_setting_get --app=$app --key=domain_staging)
-db_name_staging=$(ynh_app_setting_get --app=$app --key=db_name_staging)
-final_path_staging=$(ynh_app_setting_get --app=$app --key=final_path_staging)
+db_name=$(ynh_app_setting_get --app=$app --key=db_name)
+final_path=$(ynh_app_setting_get --app=$app --key=final_path)
+cache=$(ynh_app_setting_get --app=$app --key=cache)
#=================================================
# STANDARD REMOVE
@@ -41,12 +33,6 @@ ynh_script_progression --message="Removing the MySQL database..." --weight=2
# Remove a database if it exists, along with the associated user
ynh_mysql_remove_db --db_user=$db_name --db_name=$db_name
-# Remove a database if it exists, along with the associated user
-ynh_mysql_remove_db --db_user=$db_name_dev --db_name=$db_name_dev
-
-# Remove a database if it exists, along with the associated user
-ynh_mysql_remove_db --db_user=$db_name_staging --db_name=$db_name_staging
-
#=================================================
# REMOVE APP MAIN DIR
#=================================================
@@ -55,30 +41,20 @@ ynh_script_progression --message="Removing app main directory..."
# Remove the app directory securely
ynh_secure_remove --file="$final_path"
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path_dev"
-
-# Remove the app directory securely
-ynh_secure_remove --file="$final_path_staging"
-
#=================================================
# REMOVE NGINX CONFIGURATION
#=================================================
ynh_script_progression --message="Removing NGINX web server configuration..."
-# Remove the dedicated NGINX config
-ynh_remove_nginx_config
-
-app=$app_dev
-# Remove the dedicated NGINX config
-ynh_remove_nginx_config
+if [ $cache -eq 1 ]
+then
+ sed -i "/fastcgi_cache_path/d" /etc/nginx/conf.d/$domain.conf
+ rm -r /var/run/nginx-cache/$app
+fi
-app=$app_staging
# Remove the dedicated NGINX config
ynh_remove_nginx_config
-app=$app_initial
-
#=================================================
# REMOVE PHP-FPM CONFIGURATION
#=================================================
@@ -87,15 +63,11 @@ ynh_script_progression --message="Removing PHP-FPM configuration..." --weight=2
# Remove the dedicated PHP-FPM config
ynh_remove_fpm_config
-app=$app_dev
-# Remove the dedicated PHP-FPM config
-ynh_remove_fpm_config
-
-app=$app_staging
-# Remove the dedicated PHP-FPM config
-ynh_remove_fpm_config
+#=================================================
+# REMOVE PLUGIN CONFIGURATION
+#=================================================
-app=$app_initial
+sed -i "/$app ALL=(root)/d" /etc/sudoers
#=================================================
# REMOVE FAIL2BAN CONFIGURATION
@@ -105,23 +77,11 @@ ynh_script_progression --message="Removing Fail2Ban configuration..." --weight=8
# Remove the dedicated Fail2Ban config
ynh_remove_fail2ban_config
-app=$app_dev
-# Remove the dedicated Fail2Ban config
-ynh_remove_fail2ban_config
-
-app=$app_staging
-# Remove the dedicated Fail2Ban config
-ynh_remove_fail2ban_config
-
-app=$app_initial
-
#=================================================
# REMOVE THE CRON
#=================================================
ynh_secure_remove /etc/cron.d/$app
-ynh_secure_remove /etc/cron.d/$app_dev
-ynh_secure_remove /etc/cron.d/$app_staging
#=================================================
# GENERIC FINALISATION
@@ -133,14 +93,29 @@ ynh_script_progression --message="Removing the dedicated system user..." --weigh
# Delete dedicated system user
ynh_system_user_delete --username=$app
-# Delete dedicated system user
-ynh_system_user_delete --username=$app_dev
-
-# Delete dedicated system user
-ynh_system_user_delete --username=$app_staging
-
#=================================================
# END OF SCRIPT
#=================================================
-ynh_script_progression --message="Removal of $app completed" --last
+app_dev=$(yunohost app map -r | grep -A2 $domain_dev | grep id: | sed "s/.*id: //")
+if [ ! -z "$app_dev" ]; then
+ if [ -d /var/www/$app_dev ]; then
+ yunohost app remove $app_dev
+ fi
+fi
+
+app_staging=$(yunohost app map -r | grep -A2 $domain_staging | grep id: | sed "s/.*id: //")
+if [ ! -z "$app_staging" ]; then
+ if [ -d /var/www/$app_staging ]; then
+ yunohost app remove $app_staging
+ fi
+fi
+
+# TODO
+rm /etc/nginx/conf.d/fastcgi.conf
+systemctl reload nginx
+#if [[ ! $(ls -A /etc/nginx/conf.d/fastcgi.conf-*) ]]; then
+#rm /etc/nginx/conf.d/fastcgi.conf
+#fi
+
+ynh_script_progression --message="Removal of $app completed" --last
\ No newline at end of file