define :wordpress_site, :action => [ :create, :enable ] do
name = params[:name]
+ ssl_enabled = params[:ssl_enabled] || false
aliases = Array(params[:aliases])
urls = Array(params[:urls])
directory = params[:directory] || "/srv/#{name}"
notifies :reload, "service[apache2]"
end
+ wp_config = edit_file "#{directory}/wp-config-sample.php" do |line|
+ line.gsub!(/database_name_here/, database_name)
+ line.gsub!(/username_here/, database_user)
+ line.gsub!(/password_here/, database_password)
+ line.gsub!(/wp_/, database_prefix)
+
+ line.gsub!(/('AUTH_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:auth_key]}'")
+ line.gsub!(/('SECURE_AUTH_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:secure_auth_key]}'")
+ line.gsub!(/('LOGGED_IN_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:logged_in_key]}'")
+ line.gsub!(/('NONCE_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:nonce_key]}'")
+ line.gsub!(/('AUTH_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:auth_salt]}'")
+ line.gsub!(/('SECURE_AUTH_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:secure_auth_salt]}'")
+ line.gsub!(/('LOGGED_IN_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:logged_in_salt]}'")
+ line.gsub!(/('NONCE_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:nonce_salt]}'")
+
+ if line =~ /define\('WP_DEBUG'/
+ line += "\n"
+ line += "/**\n"
+ line += " * Don't allow file editing.\n"
+ line += " */\n"
+ line += "define('DISALLOW_FILE_EDIT', true);\n"
+ if ssl_enabled
+ line += "define('FORCE_SSL_LOGIN', true);\n"
+ line += "define('FORCE_SSL_ADMIN', true);\n"
+ end
+ end
+
+ line
+ end
+
file "#{directory}/wp-config.php" do
owner node[:wordpress][:user]
group node[:wordpress][:group]
mode 0644
- content_from_file "#{directory}/wp-config-sample.php" do |line|
- line.gsub!(/database_name_here/, database_name)
- line.gsub!(/username_here/, database_user)
- line.gsub!(/password_here/, database_password)
- line.gsub!(/wp_/, database_prefix)
-
- line.gsub!(/('AUTH_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:auth_key]}'")
- line.gsub!(/('SECURE_AUTH_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:secure_auth_key]}'")
- line.gsub!(/('LOGGED_IN_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:logged_in_key]}'")
- line.gsub!(/('NONCE_KEY', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:nonce_key]}'")
- line.gsub!(/('AUTH_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:auth_salt]}'")
- line.gsub!(/('SECURE_AUTH_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:secure_auth_salt]}'")
- line.gsub!(/('LOGGED_IN_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:logged_in_salt]}'")
- line.gsub!(/('NONCE_SALT', *)'put your unique phrase here'/, "\\1'#{node[:wordpress][:sites][name][:nonce_salt]}'")
-
- if line =~ /define\('WP_DEBUG'/
- line += "\n"
- line += "/**\n"
- line += " * Don't allow file editing.\n"
- line += " */\n"
- line += "define('DISALLOW_FILE_EDIT', true);\n"
- end
-
- line
- end
+ content wp_config
notifies :reload, "service[apache2]"
end
end
file "#{directory}/sitemap.xml" do
- owner "www-data"
- group "www-data"
- mode 0644
+ action :delete
end
file "#{directory}/sitemap.xml.gz" do
- owner "www-data"
- group "www-data"
- mode 0644
+ action :delete
end
cookbook_file "#{directory}/googlefac54c35e800caab.html" do
cookbook "wordpress"
template "apache.erb"
directory directory
- variables :aliases => aliases, :urls => urls
+ variables :aliases => aliases, :urls => urls, :ssl_enabled => ssl_enabled
notifies :reload, "service[apache2]"
end
wordpress_plugin "wp-fail2ban" do
site name
end
+
+ script "#{directory}/wp-content/plugins/wp-fail2ban" do
+ action :nothing
+ interpreter "php"
+ cwd directory
+ user "wordpress"
+ code <<-EOS
+ <?php
+ @include "wp-config.php";
+ @include_once "wp-includes/functions.php";
+ @include_once "wp-admin/includes/plugin.php";
+ activate_plugin("wp-fail2ban/wp-fail2ban.php", '', false, false);
+ ?>
+ EOS
+ subscribes :run, "subversion[#{directory}/wp-content/plugins/wp-fail2ban]"
+ end
end