Wordops

Added

- cht.sh stack : linux online cheatsheet. Usage : `cheat <command>`. Example for tar : `cheat tar`
- ClamAV anti-virus with weekly cronjob to update signatures database
- Internal function to add daily cronjobs
- Additional comment to detect previous configuration tuning (MariaDB & Redis)
- Domain/Subdomain detection based on public domain suffixes list for letsencrypt
- Increase Nginx & MariaDB systemd open_files limits
- Cronjob to update Cloudflare IPs list
- mariadb-backup to perform full and non-blocking databases backup (installation only. Backup feature will be available soon)
- Nginx configuration check before performing start/reload/restart (If configuration check fail, WordOps will not reload/restart Nginx anymore)
- Nginx mapping to proxy web-socket connections

Changed

- eXplorer filemanager isn't installed with WordOps dashboard anymore, and a flag `--extplorer` is available. But it's still installed when running the command `wo stack install`
- Template rendering function now check for a .custom file before overwriting a configuration by default.
- flag `--letsencrypt=subdomain` is not required anymore, you can use `--letsencrypt` or `-le`
- Simplifiy and decrease duration of `apt-key` GPG keys import

Fixed

- typo error in `wo site update` : [PR 126](https://github.com/WordOps/WordOps/pull/126)

Changed

- Nginx package OpenSSL configuration improvements (TLS v1.3 now available on all operating systems supported by WordOps)
- remove user prompt for confirmation with `wo update`
- Nginx stack will not be upgraded with `wo update` anymore. This can be done at anytime with `wo upgrade --nginx`
- Databases name and user are now semi-randomly generated (0-8 letters from the domain + 8 random caracters)

Fixed

- `wo upgrade` output
- Database name or database user length

Added

- Additional cache expection for Easy Digital Downloads [PR 120](https://github.com/WordOps/WordOps/pull/120)
- Additional settings to support mobile with WP-Rocket
- Add the ability to block nginx configuration overwriting by adding a file .custom. Example with /etc/nginx/conf.d/webp.conf -> `touch /etc/nginx/conf.d/webp.conf.custom`
- If there is a custom file, WordOps will write the configuration in a file named fileconf.conf.orig to let users implement possible changes
- UFW minimal configuration during install. Can be disabled with the flag `-w`, `--wufw` or `--without-ufw`. Example : `wget -qO wo wops.cc && sudo bash wo -w`

Fixed

- WordOps internal database creation on servers running with custom setup

Added

- WordOps backend is automatically secured by the first Let's Encrypt SSL certificate issued

Changed

- Extra Nginx directives moved from nginx.conf to conf.d/tweaks.conf

Fixed

- MySQLTuner installation
- `wo stack remove/purge --all`
- variable substitution in install script
- `wo stack upgrade --phpmyadmin/--dashboard`
- phpmyadmin blowfish_secret key length
- Cement App not exiting on close in case of error

Added

- Allow web browser caching for json and webmanifest files
- nginx-core.mustache template used to render nginx.conf during stack setup
- APT Packages configuration step with `wo stack upgrade` to apply new configurations
- Cloudflare restore real_ip configuration
- WP-Rocket plugin support with the flag `--wprocket`
- Cache-Enabler plugin support with the flag `--wpce`
- Install unattended-upgrade and enable automated security updates
- Enable time synchronization with ntp
- Additional cache exception for woocommerce

Changed

- Do not force Nginx upgrade if a custom Nginx package compiled with nginx-ee is detected
- Gzip enabled again by default with configuration in /etc/nginx/conf.d/gzip.conf
- Brotli configuration moved in /etc/nginx/conf.d/brotli.conf.disabled (disabled by default)
- Moving package configuration in a new plugin stack_pref.py
- Cleanup templates by removing all doublons (with/without php7) and replacing them with variables
- Updated Nginx to v1.16.1 in response to HTTP/2 vulnerabilites discovered
- Disable temporary adding swap feature (not working)
- `wo stack upgrade --nginx` is now able to apply new configurations during `wo update`, it highly reduce upgrade duration

Fixed

- Error in HSTS header syntax

Fixed

- redis.conf permissions additional fix