testing

Small fixes and improvements after testing.

README.md

@@ -5,21 +5,21 @@
         <img src="https://img.shields.io/github/license/QROkes/webinoly" />
         <img src="https://img.shields.io/github/v/release/QROkes/webinoly?color=orange" />
 	</p>
-    <p><b>Optimized LEMP Web Server</b></br>
+    <p><b>Optimized NGINX Web Server</b></br>
     <i>A powerful set of commands for doing just about anything you could wish.</i></p>
     <p><a href="https://webinoly.com/">Official Website</a> | <a href="https://webinoly.com/documentation/">Documentation</a> | <a href="https://github.com/QROkes/webinoly/releases">Changelog</a></p>
 </div>
 
 ## Overview
-A complete LEMP stack _– Linux Ubuntu + Nginx + MariaDB ~~*(or MySQL, you can choose, soon!)*~~ + PHP –_ or install individual packages according to your needs.
+A complete LEMP stack _– Linux Ubuntu + Nginx + MariaDB (or MySQL, you can choose) + PHP –_ or install individual packages according to your needs.
 
 **One of the most reliable configurations to host your websites and with Webinoly you can do it in just one step.**
 
 Webinoly provides a set of tools and commands that facilitate web server administration.
 - Unique commands to create, delete, disable sites.
 - Free SSL certificates for your sites with Let’s Encrypt and automatic server configuration.
 - HTTP/2 dramatically increases the speed of serving your content.
-- PHP v8.1 and support for earlier versions if needed (8.0 and 7.4) ~~or the newest 8.2 *(soon)*~~.
+- PHP v8.1 and support for earlier versions if needed (8.0 and 7.4) or the newest 8.2.
 - FastCGI Cache and Redis Object Cache for your WordPress sites.
 - Install WP in any subfolder and support for external databases, multisite and domain mapping.
 - Reverse Proxy for any app (Java, React, Node, Angular, Vue, etc) or to use your own domain with any external file repo like S3.

lib/bkp

@@ -996,6 +996,7 @@ import_server() {
 			[[ -n $(conf_read_exported mysql-root) ]] && conf_write mysql-root $(conf_read_exported mysql-root)
 			[[ -n $(conf_read_exported mysql-admin) ]] && conf_write mysql-admin $(conf_read_exported mysql-admin)
 			sudo rm -rf /var/www/webinoly_backup_dball
+			sudo webinoly -server-reset=mysql
 		elif [[ -s /var/www/webinoly_backup_dball && $(conf_read mysql) != "true" && -z $skip_db ]]; then
 			echo "${red}[ERROR] Database backup found but can not be restored because MySQL is not installed!${end}"
 		fi

lib/general

@@ -710,6 +710,12 @@ is_url() {
 	# Output: http,https,ip,unix,true,false  Example: $(is_url $domain)
 	# Global variables when -split is set: url_scheme, url_host, url_path, url_port    Example: is_url $domain -split
 
+	# Important, because they can have a previous value when runs multiple times.
+	unset url_scheme
+	unset url_host
+	unset url_path
+	unset url_port
+
 	local scheme=$(echo "${1,,}" | cut -d':' -f 1 -s)
 	local host=$(echo "${1,,}" | cut -d':' -f 2 -s | cut -d'/' -f 3 -s)
 	local path=$(echo "${1,,}" | cut -d':' -f 2- -s | cut -d'/' -f 4- -s)
@@ -1384,15 +1390,15 @@ check_var() {
 	# Locations: Deny Extensions
 	elif [[ $1 == "locations-deny-extensions" ]]; then
 		if [[ -z $(conf_read locations-deny-extensions) ]]; then
-			local out="old|orig|original|php#|php~|php_bak|save|swo|asp|aspx|tpl|sh|bash|ba|bak|cfg|cgi|dll|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|rdf|pem|ppk|asc|conf|dump|exe|msi|tar|gz|zip|bz2|7z"
+			local out="7z|asc|asp|aspx|ba|bak|bash|bat|bin|bz2|c|cfg|cgi|class|com|conf|cpp|crt|cs|dat|db|dbf|deb|der|dll|dmg|dmp|dump|ear|exe|git|gz|h|hg|hqx|img|ini|iso|jar|jsp|log|mdb|msi|msm|msp|old|orig|original|out|pem|php#|php_bak|php~|pkg|pl|ppk|py|rar|rdf|rpm|run|save|sh|sql|srv|svn|swo|swp|sys|tar|taz|tcl|tgz|tk|tmp|tpl|tz|vb|war|wsf|z|zip"
 		else
 			local out=$(conf_read locations-deny-extensions)
 		fi
 
 	# Locations: Deny Files
 	elif [[ $1 == "locations-deny-files" ]]; then
 		if [[ -z $(conf_read locations-deny-files) ]]; then
-			local out="readme|license|example|legalnotice|installation|changelog|wp-config"
+			local out="changelog|example|installation|legalnotice|license|readme|wp-config"
 		else
 			local out=$(conf_read locations-deny-files)
 		fi

lib/install

@@ -213,7 +213,7 @@ php_install() {
 
 mysql_install() {
 	api-events_update im1
-	echo "${gre}MySQL version '$(conf_read mysql-ver)' is set as default.${end}"
+	echo "${gre}MySQL/MariaDB version '$(conf_read mysql-ver)' is set as default.${end}"
 
 	# debconf-utils for unattended scripts
 	# debconf-get-selections | grep phpmyadmin   <<-- list conf variables
@@ -590,9 +590,15 @@ nginx_tool_bkp() {
 	sudo apt install -y debhelper dh-python python3 gnupg librsync-dev par2 pep8 pylint python3-pytest python3-pytest-cov python3-pytest-runner python3-dev python3-fasteners python3-future python3-mock python3-pexpect python3-setuptools python3-setuptools-scm rdiff rename rsync python3-pip python3-boto3
 
 	# Duplicity installation directly from source
-	# Temporal fix to remove warning - wait for: https://github.com/pypa/pip/issues/10556 - remove from stack purge too!
+	# Temporal fix to remove warning - wait for: https://github.com/pypa/pip/issues/10556 - remove from stack purge too! --root-user-action=ignore | Remove from update function also
 	sudo pip3 install duplicity 2>&1 | grep -v "pip as the 'root' user"
-
+	# In future, we need to do the correct way - using virtual env
+	#sudo apt install python3-venv
+	#sudo python3 -m venv /opt/duplicity/
+	#sudo /opt/duplicity/bin/pip install --upgrade pip
+	#sudo /opt/duplicity/bin/pip install duplicity
+	#sudo ln -s /opt/duplicity/bin/duplicity /usr/bin/duplicity
+
 	# https://sourceforge.net/projects/ftplicity/files/duply%20%28simple%20duplicity%29/
 	sudo cp /opt/webinoly/templates/general/duply /usr/bin/
 	sudo chmod 755 /usr/bin/duply

lib/sites

@@ -1300,6 +1300,12 @@ reverse_proxy() {
 		url_scheme="http"
 	fi
 
+	# After create-site this global variable is empty, because running multiple times
+	local local_url_scheme=$url_scheme
+	local local_url_host=$url_host
+	local local_url_port=$url_port
+	local local_url_path=$url_path
+
 	# Fix slash at the end when is alone, no real URI path!
 	if [[ $dedicated_reverse_proxy != "simple" && $url_path == "/" ]]; then
 		local proxydata=${proxydata:0:-1}
@@ -1336,10 +1342,10 @@ reverse_proxy() {
 
 	if [[ $dedicated_reverse_proxy == "simple" ]]; then
 		# Force / at the end of the url for subfolders
-		[[ -n $url_path && $url_path != "/" && $(echo "${proxydata}" | rev | cut -c-1) != "/" ]] && proxydata="${proxydata}/"
+		[[ -n $local_url_path && $local_url_path != "/" && $(echo "${proxydata}" | rev | cut -c-1) != "/" ]] && proxydata="${proxydata}/"
 		sudo sed -i "s#<upstream_name>#${proxydata}#g" /etc/nginx/apps.d/$domain$subname-proxy.conf
 	else
-		[[ -n $url_scheme ]] && sudo sed -i "s#proxy_pass <upstream_name>#proxy_pass ${url_scheme,,}://<upstream_name>#g" /etc/nginx/apps.d/$domain$subname-proxy.conf
+		[[ -n $local_url_scheme ]] && sudo sed -i "s#proxy_pass <upstream_name>#proxy_pass ${local_url_scheme,,}://<upstream_name>#g" /etc/nginx/apps.d/$domain$subname-proxy.conf
 		sudo sed -i "s#<upstream_name>#$(echo "$domain$subfolder" | sed "s/[^0-9A-Za-z]/_/g")#g" /etc/nginx/apps.d/$domain$subname-proxy.conf
 
 		# Create the upstream
@@ -1350,9 +1356,9 @@ reverse_proxy() {
 		fi
 
 		# Upstream server needs port, if empty, default is 80, so we need to fix it in case of https.
-		[[ -z $url_port && ${url_scheme,,} == "https" ]] && local fixport=":443"
+		[[ -z $local_url_port && ${local_url_scheme,,} == "https" ]] && local fixport=":443"
 
-		local upsvr="$(echo "${proxydata}${fixport}" | sed "s#${url_scheme}://##g")"
+		local upsvr="$(echo "${proxydata}${fixport}" | sed "s#${local_url_scheme}://##g")"
 
 		echo "upstream $(echo "$domain$subfolder" | sed "s/[^0-9A-Za-z]/_/g") {
 	zone upstreams;
@@ -1372,7 +1378,7 @@ reverse_proxy() {
 
 	# Set Host header for external sources, except when IP or Unix socket is used!
 	# Simple dedicated is also excluded because proxy_pass seems to not need it.
-	if [[ -n $upsvr && -n $proxydata && ${url_host} != "localhost" && $(is_url $url_host) != "ip" && $(is_url $url_host) != "unix" ]]; then
+	if [[ -n $upsvr && -n $proxydata && $local_url_host != "localhost" && $(is_url $local_url_host) != "ip" && $(is_url $local_url_host) != "unix" ]]; then
 		sudo sed -i "/#proxy_set_header Host /c\	proxy_set_header Host '${upsvr}';" /etc/nginx/apps.d/$domain$subname-proxy.conf
 	fi
 

lib/update

@@ -302,13 +302,13 @@ oneseven_to_oneight() {
 		local domi=$(echo $site | cut -f 5 -d "/")
 		if [[ $domi != "html" && $domi != $(conf_read tools-port) && -f /etc/nginx/sites-available/$domi ]]; then
 			# All sites
-			sed -i "/include \/var\/www\/$domi\/\*-nginx.conf;/a \	include \/etc\/nginx\/conf.d\/\*.conf.svr;" /etc/nginx/sites-available/$domi
+			sed -i "/include \/var\/www\/$domi\/\*-nginx.conf;/a \	include \/etc\/nginx\/conf.d\/\*.conf.srv;" /etc/nginx/sites-available/$domi
 
 			# Parked: Shared Nginx conf for main site
 			if [[ $(is_parked $domi) == "true" ]]; then
 				local main=$(grep -G "root .*;" /etc/nginx/sites-available/$domi | cut -d'/' -f 4)
 				if [[ -f /etc/nginx/sites-available/$main ]]; then
-					sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \	include \/etc\/nginx\/conf.d\/\*.conf.svr;" /etc/nginx/sites-available/$domi
+					sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \	include \/etc\/nginx\/conf.d\/\*.conf.srv;" /etc/nginx/sites-available/$domi
 					sed -i "/include \/var\/www\/${main}\/\*-$(echo $main | sed "s/[^0-9A-Za-z]/_/g")_parked.conf;/d" /etc/nginx/sites-available/$main
 					sed -i "/include \/var\/www\/$main\/\*-nginx.conf;/a \	include \/var\/www\/${main}\/\*-$(echo $main | sed "s/[^0-9A-Za-z]/_/g")_parked.conf;" /etc/nginx/sites-available/$main
 				fi
@@ -347,6 +347,9 @@ oneseven_to_oneight() {
 [[ ${oldver//.} -lt 17 ]] && onesix_to_oneseven
 [[ ${oldver//.} -lt 18 ]] && oneseven_to_oneight
 
+# Update PIP packages!
+sudo pip3 install --upgrade duplicity 2>&1 | grep -v "pip as the 'root' user"
+
 api-events_update wysue
 conf_delete stack-update
 sudo webinoly -server-reset

lib/webin

@@ -645,20 +645,24 @@ set_tools_site() {
 		conf_write tools-site $tools_site
 		echo "${gre}Domain${blu} ${tools_site}:$(conf_read tools-port) ${gre}was successfully assigned to access your server tools!${end}"
 	elif [[ $tools_site == "default" ]]; then
-		# MV in some edge cases fails to rename, specially when so much files are within the directories.
-		sudo mkdir -p /var/www/default:$(conf_read tools-port)
-		sudo cp -rp /var/www/$ADMIN_TOOLS_SITE/* /var/www/default:$(conf_read tools-port)
-		sudo rm -rf /var/www/$ADMIN_TOOLS_SITE
-		sudo rm -rf /etc/nginx/sites-available/$ADMIN_TOOLS_SITE
-		sudo cp /opt/webinoly/templates/general/admin_tools.conf /etc/nginx/sites-available/default:$(conf_read tools-port)
-		sudo sed -i "s/<port>/$(conf_read tools-port)/g"  /etc/nginx/sites-available/default:$(conf_read tools-port)
-		sudo sed -i "s/<admin_tools_sitename>/default:$(conf_read tools-port)/g"  /etc/nginx/sites-available/default:$(conf_read tools-port)
-		sudo rm -rf /etc/nginx/sites-enabled/$ADMIN_TOOLS_SITE
-		sudo ln -s /etc/nginx/sites-available/default:$(conf_read tools-port) /etc/nginx/sites-enabled/default:$(conf_read tools-port)
-
-		sudo chown -R www-data:www-data /var/www
-		[[ $(conf_read login-www-data) == "true" ]] && sudo chown root:root /var/www
-
+		if [[ $ADMIN_TOOLS_SITE != "default:$(conf_read tools-port)" ]]; then
+			# MV in some edge cases fails to rename, specially when so much files are within the directories.
+			sudo mkdir -p /var/www/default:$(conf_read tools-port)
+			sudo cp -rp /var/www/$ADMIN_TOOLS_SITE/* /var/www/default:$(conf_read tools-port)
+			sudo rm -rf /var/www/$ADMIN_TOOLS_SITE
+			sudo rm -rf /etc/nginx/sites-available/$ADMIN_TOOLS_SITE
+			sudo cp /opt/webinoly/templates/general/admin_tools.conf /etc/nginx/sites-available/default:$(conf_read tools-port)
+			sudo sed -i "s/<port>/$(conf_read tools-port)/g"  /etc/nginx/sites-available/default:$(conf_read tools-port)
+			sudo sed -i "s/<admin_tools_sitename>/default:$(conf_read tools-port)/g"  /etc/nginx/sites-available/default:$(conf_read tools-port)
+			sudo rm -rf /etc/nginx/sites-enabled/$ADMIN_TOOLS_SITE
+			sudo ln -s /etc/nginx/sites-available/default:$(conf_read tools-port) /etc/nginx/sites-enabled/default:$(conf_read tools-port)
+
+			sudo chown -R www-data:www-data /var/www
+			[[ $(conf_read login-www-data) == "true" ]] && sudo chown root:root /var/www
+		else
+			# This is the case when importing a full site from backup!
+			echo "${blu}${dim}Tools data folder already exist, no need to re-create it!${end}"
+		fi
 		conf_write tools-site default
 		echo "${gre}Tools Site settings has been reset successfully!${end}"
 	elif [[ -f /etc/nginx/sites-available/$tools_site && ! -f /etc/nginx/sites-available/$ADMIN_TOOLS_SITE ]]; then

templates/general/conf

@@ -174,15 +174,15 @@
 
 
 # Block/Deny files and extensions
-# Values:  <filename>|<filename>... (files txt|html|htm|md)
-# Values:  <ext>|<ext>... (extensions)
+# Values:  <filename>|<filename>... (with this extension only: txt|html|htm|md)
+# Values:  <ext>|<ext>... (any file using any of these extensions)
 # Note: This is a security feature, please don't modify unless you are sure about it.
-# Note: For example, any request to 'readme.txt' or 'name.log' will be blocked (case insensitive).
+# Note: For example, any request to 'readme.txt' or 'name.log' will be blocked (case insensitive) by default.
 # Note: To revert any changes and set the original Webinoly defaults, just #comment these two variables and then server-reset.
 # Note: You can remove some extensions like 'exe' if you are distributing installers, for instance, or you can add any of your preference.
 ###########################
-#locations-deny-files:readme|license|example|legalnotice|installation|changelog|wp-config
-#locations-deny-extensions:old|orig|original|php#|php~|php_bak|save|swo|asp|aspx|tpl|sh|bash|ba|bak|cfg|cgi|dll|git|hg|ini|jsp|log|mdb|out|sql|svn|swp|rdf|pem|ppk|asc|conf|dump|exe|msi|tar|gz|zip|bz2|7z
+#locations-deny-files:changelog|example|installation|legalnotice|license|readme|wp-config
+#locations-deny-extensions:7z|asc|asp|aspx|ba|bak|bash|bat|bin|bz2|c|cfg|cgi|class|com|conf|cpp|crt|cs|dat|db|dbf|deb|der|dll|dmg|dmp|dump|ear|exe|git|gz|h|hg|hqx|img|ini|iso|jar|jsp|log|mdb|msi|msm|msp|old|orig|original|out|pem|php#|php_bak|php~|pkg|pl|ppk|py|rar|rdf|rpm|run|save|sh|sql|srv|svn|swo|swp|sys|tar|taz|tcl|tgz|tk|tmp|tpl|tz|vb|war|wsf|z|zip
 
 
 # FastCGI Cache

templates/nginx/common/header.conf

@@ -25,7 +25,7 @@ include common/headers-html.conf;
 # NOTE: We have this location here (not in locations.conf) to add the HSTS header when needed in static files.
 # Add the Strict-Transport-Security header to all HTTPS responses. https://hstspreload.org/#deployment-recommendations
 
-location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ {
+location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ {
 	include common/headers-http.conf;
 	add_header "Access-Control-Allow-Origin" "*";
 	access_log off;

templates/nginx/common/headers.conf

@@ -26,7 +26,7 @@ include common/headers-https.conf;
 # NOTE: We have this location here (not in locations.conf) to add the HSTS header when needed in static files.
 # Add the Strict-Transport-Security header to all HTTPS responses. https://hstspreload.org/#deployment-recommendations
 
-location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ {
+location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ {
 	include common/headers-http.conf;
 	include common/headers-https.conf;
 	add_header "Access-Control-Allow-Origin" "*";

templates/template-site-php

@@ -22,6 +22,6 @@ server {
 	include common/locations.conf;
 	include common/header.conf;
 	include /var/www/domain.com/*-nginx.conf;
-	include /etc/nginx/conf.d/*.conf.svr;
+	include /etc/nginx/conf.d/*.conf.srv;
 }
 # WebinolyNginxServerEnd

templates/template-site-proxy

@@ -31,7 +31,7 @@ location / {
 	proxy_pass <upstream_name>;
 
 	# CacheStaticFiles
-	location ~* \.(css|xml|gif|jpeg|jpg|js|atom|rss|mml|txt|jad|wml|htc|avif|png|svg|svgz|tif|tiff|wbmp|webp|ico|jng|bmp|woff|woff2|jar|war|ear|json|hqx|doc|pdf|ps|eps|ai|rtf|m3u8|kml|kmz|xls|eot|ppt|odg|odp|ods|odt|pptx|xlsx|docx|wmlc|wasm|7z|cco|jardiff|jnlp|run|pl|pm|prc|pdb|rar|rpm|sea|swf|sit|tcl|tk|der|pem|crt|xpi|xhtml|xspf|zip|bin|exe|dll|deb|dmg|iso|img|msi|msp|msm|mid|midi|kar|mp3|ogg|m4a|ra|3gpp|3gp|ts|mp4|mpeg|mpg|mov|webm|flv|m4v|mng|asx|asf|wmv|avi|ogv|otf|ttf|tgz|gz|bz2|tar|wav|cur|heic|aac|webmanifest|cast)$ {
+	location ~* \.(3gp|3gpp|7z|aac|ai|asf|asx|atom|avi|avif|bin|bmp|bz2|cast|cco|crt|css|cur|deb|der|dll|dmg|doc|docx|ear|eot|eps|exe|flv|gif|gz|heic|hqx|htc|ico|img|iso|jad|jar|jardiff|jng|jnlp|jpeg|jpg|js|json|kar|kml|kmz|m3u8|m4a|m4v|mid|midi|mml|mng|mov|mp3|mp4|mpeg|mpg|msi|msm|msp|odg|odp|ods|odt|ogg|ogv|otf|pdb|pdf|pem|pl|pm|png|ppt|pptx|prc|ps|ra|rar|rpm|rss|rtf|run|sea|sit|svg|svgz|swf|tar|taz|tcl|tgz|tif|tiff|tk|ts|ttf|txt|tz|war|wasm|wav|wbmp|webm|webmanifest|webp|wml|wmlc|wmv|woff|woff2|xhtml|xls|xlsx|xml|xpi|xspf|z|zip)$ {
 		include common/headers-http.conf;
 		include common/headers-https.conf;
 		add_header "Access-Control-Allow-Origin" "*";

usr/stack

@@ -261,13 +261,17 @@ elif [[ -n $purge && -n $mysql ]]; then
 					echo "mysql-community-server	mysql-community-server/remove-data-dir  boolean true" | debconf-set-selections
 				fi
 				sudo apt -y purge mysql-server mysql-common mysql-common
+				sudo rm -rf /usr/share/keyrings/mysql-archive-keyring.gpg
+				sudo rm -rf /etc/apt/sources.list.d/mysql.list
 			else
 				if [[ $mysql == "keep-data" ]]; then
 					echo "mariadb-server-${mysqlver}	mariadb-server-${mysqlver}/postrm_remove_databases	boolean false" | debconf-set-selections
 				else
 					echo "mariadb-server-${mysqlver}	mariadb-server-${mysqlver}/postrm_remove_databases	boolean true" | debconf-set-selections
 				fi
 				sudo apt -y purge mariadb-server mariadb-common mysql-common
+				sudo rm -rf /usr/share/keyrings/mariadb-archive-keyring.gpg
+				sudo rm -rf /etc/apt/sources.list.d/mariadb.list
 			fi
 
 			purge_mysql_client