feat(agent,server): v0.2.7 - mu-plugin WordPress robuste, réparation wp-config, proxy cookies/headers
- Agent: mu-plugin embarqué amélioré (HTTPS forcé, filtres URL, localhost:port) - Agent: suppression des WP_HOME/WP_SITEURL hardcodés au démarrage des instances - Server/proxy: envoi X-Forwarded-Port, réécriture headers/body élargie - Server/proxy: sanitization des Set-Cookie (Secure, SameSite, Domain) - Dashboard: version agent 0.2.7, action Supprimer complète - Cleanup: binaires agent 0.2.3-0.2.6 remplacés par 0.2.7
This commit is contained in:
@@ -1,9 +1,12 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"os/exec"
|
||||
"path/filepath"
|
||||
"regexp"
|
||||
"strings"
|
||||
)
|
||||
|
||||
func instanceDir(dataDir, instanceID string) string {
|
||||
@@ -22,6 +25,14 @@ func writeCompose(dataDir, instanceID, compose string) error {
|
||||
if err := os.MkdirAll(dir, 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// Ensure the EduBox mu-plugin is available and substitute its path
|
||||
muDir, err := writeMUPlugin(dataDir)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
compose = strings.ReplaceAll(compose, "{MU_PLUGINS_DIR}", filepath.Dir(muDir))
|
||||
|
||||
f := filepath.Join(dir, "docker-compose.yml")
|
||||
return os.WriteFile(f, []byte(compose), 0644)
|
||||
}
|
||||
@@ -52,3 +63,90 @@ func dockerComposeRm(dataDir, instanceID string) error {
|
||||
}
|
||||
return os.RemoveAll(dir)
|
||||
}
|
||||
|
||||
// extractPublicURL tries to find the public URL from a WordPress compose config.
|
||||
func extractPublicURL(composeConfig string) string {
|
||||
re := regexp.MustCompile(`define\('WP_HOME',\s*'([^']+)'\);`)
|
||||
m := re.FindStringSubmatch(composeConfig)
|
||||
if len(m) > 1 {
|
||||
return m[1]
|
||||
}
|
||||
return ""
|
||||
}
|
||||
|
||||
// updateWordPressURLs patches wp-config.php inside the WordPress container
|
||||
// so that WP_HOME and WP_SITEURL point to the public URL.
|
||||
func updateWordPressURLs(dataDir, instanceID, publicURL string) error {
|
||||
if publicURL == "" {
|
||||
return nil
|
||||
}
|
||||
dir := instanceDir(dataDir, instanceID)
|
||||
composeFile := filepath.Join(dir, "docker-compose.yml")
|
||||
engine := getContainerEngine()
|
||||
|
||||
script := fmt.Sprintf(`#!/bin/sh
|
||||
CONFIG=/var/www/html/wp-config.php
|
||||
if [ -f "$CONFIG" ]; then
|
||||
sed -i "s|define('WP_HOME',[^;]*);|define('WP_HOME', '%s');|" "$CONFIG"
|
||||
sed -i "s|define('WP_SITEURL',[^;]*);|define('WP_SITEURL', '%s');|" "$CONFIG"
|
||||
if ! grep -q "define('WP_HOME'" "$CONFIG"; then
|
||||
sed -i "/That's all, stop editing/i define('WP_HOME', '%s');\ndefine('WP_SITEURL', '%s');" "$CONFIG"
|
||||
fi
|
||||
fi
|
||||
`, publicURL, publicURL, publicURL, publicURL)
|
||||
|
||||
scriptPath := filepath.Join(dir, "update-wp-urls.sh")
|
||||
if err := os.WriteFile(scriptPath, []byte(script), 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
defer os.Remove(scriptPath)
|
||||
|
||||
cpCmd := exec.Command(engine, "compose", "-f", composeFile, "cp", scriptPath, "app:/tmp/update-wp-urls.sh")
|
||||
cpCmd.Stdout = os.Stdout
|
||||
cpCmd.Stderr = os.Stderr
|
||||
if err := cpCmd.Run(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
execCmd := exec.Command(engine, "compose", "-f", composeFile, "exec", "-T", "app", "sh", "/tmp/update-wp-urls.sh")
|
||||
execCmd.Stdout = os.Stdout
|
||||
execCmd.Stderr = os.Stderr
|
||||
return execCmd.Run()
|
||||
}
|
||||
|
||||
// stripWordPressHardcodedURLs removes hardcoded WP_HOME/WP_SITEURL defines
|
||||
// from wp-config.php so the EduBox mu-plugin can compute them from the Host
|
||||
// header. This is useful when repairing older instances created before the
|
||||
// mu-plugin existed.
|
||||
func stripWordPressHardcodedURLs(dataDir, instanceID string) error {
|
||||
dir := instanceDir(dataDir, instanceID)
|
||||
composeFile := filepath.Join(dir, "docker-compose.yml")
|
||||
engine := getContainerEngine()
|
||||
|
||||
script := `#!/bin/sh
|
||||
CONFIG=/var/www/html/wp-config.php
|
||||
if [ -f "$CONFIG" ]; then
|
||||
# Remove hardcoded WP_HOME / WP_SITEURL defines so the mu-plugin controls them
|
||||
sed -i "/define('WP_HOME',/d" "$CONFIG"
|
||||
sed -i "/define('WP_SITEURL',/d" "$CONFIG"
|
||||
fi
|
||||
`
|
||||
|
||||
scriptPath := filepath.Join(dir, "strip-wp-urls.sh")
|
||||
if err := os.WriteFile(scriptPath, []byte(script), 0755); err != nil {
|
||||
return err
|
||||
}
|
||||
defer os.Remove(scriptPath)
|
||||
|
||||
cpCmd := exec.Command(engine, "compose", "-f", composeFile, "cp", scriptPath, "app:/tmp/strip-wp-urls.sh")
|
||||
cpCmd.Stdout = os.Stdout
|
||||
cpCmd.Stderr = os.Stderr
|
||||
if err := cpCmd.Run(); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
execCmd := exec.Command(engine, "compose", "-f", composeFile, "exec", "-T", "app", "sh", "/tmp/strip-wp-urls.sh")
|
||||
execCmd.Stdout = os.Stdout
|
||||
execCmd.Stderr = os.Stderr
|
||||
return execCmd.Run()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user