diff --git a/.github/workflows/test-core-linux.yml b/.github/workflows/test-core-linux.yml index 107dc9d3b..a27343535 100644 --- a/.github/workflows/test-core-linux.yml +++ b/.github/workflows/test-core-linux.yml @@ -26,7 +26,7 @@ jobs: run: | sudo apt purge -y firefox sudo apt update - sudo apt install --no-install-recommends -y git nodejs tar bzip2 wget curl grep libx11-xcb1 libappindicator3-1 libasound2 libdbus-glib-1-2 libxtst6 libxt6 php-fpm unzip + sudo apt install --no-install-recommends -y openssl git nodejs tar bzip2 wget curl grep libx11-xcb1 libappindicator3-1 libasound2 libdbus-glib-1-2 libxtst6 libxt6 php-fpm unzip wget -O firefox-setup.tar.bz2 "https://download.mozilla.org/?product=firefox-latest-ssl&os=linux64" tar -xjf firefox-setup.tar.bz2 -C /opt/ sudo ln -s /opt/firefox/firefox /usr/bin/firefox diff --git a/tests/core/badbehavior/test.sh b/tests/core/badbehavior/test.sh index ff3fe8ea5..e3d74db4e 100755 --- a/tests/core/badbehavior/test.sh +++ b/tests/core/badbehavior/test.sh @@ -229,8 +229,6 @@ do sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/brotli/test.sh b/tests/core/brotli/test.sh index 4eb1bf2b7..278032e11 100755 --- a/tests/core/brotli/test.sh +++ b/tests/core/brotli/test.sh @@ -168,8 +168,6 @@ do sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/bwcli/test.sh b/tests/core/bwcli/test.sh index e08a5bdc6..6ac4e85a9 100755 --- a/tests/core/bwcli/test.sh +++ b/tests/core/bwcli/test.sh @@ -154,8 +154,6 @@ if [ $? -ne 0 ] ; then sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/clientcache/test.sh b/tests/core/clientcache/test.sh index 7a5d2034d..a50c24c55 100755 --- a/tests/core/clientcache/test.sh +++ b/tests/core/clientcache/test.sh @@ -211,8 +211,6 @@ do sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/customcert/test.sh b/tests/core/customcert/test.sh index 389fb0755..fda64bbbb 100755 --- a/tests/core/customcert/test.sh +++ b/tests/core/customcert/test.sh @@ -88,9 +88,6 @@ if [ "$integration" == "docker" ] ; then exit 1 fi else - echo "🔏 Installing openssl ..." - sudo apt-get install openssl -y - echo "🔏 Generating certificate for www.example.com ..." openssl req -nodes -x509 -newkey rsa:4096 -keyout /tmp/privatekey.key -out /tmp/certificate.pem -days 365 -subj /CN=www.example.com/ if [ $? -ne 0 ] ; then @@ -202,8 +199,6 @@ do sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/db/test.sh b/tests/core/db/test.sh index 11c03497e..7d3074ebc 100755 --- a/tests/core/db/test.sh +++ b/tests/core/db/test.sh @@ -422,8 +422,6 @@ do sudo cat /var/log/bunkerweb/error.log echo "🛡ī¸ Showing BunkerWeb access logs ..." sudo cat /var/log/bunkerweb/access.log - echo "🛡ī¸ Showing Geckodriver logs ..." - sudo cat geckodriver.log fi exit 1 else diff --git a/tests/core/errors/test.sh b/tests/core/errors/test.sh index 447f2a92a..e0383b41b 100755 --- a/tests/core/errors/test.sh +++ b/tests/core/errors/test.sh @@ -1,17 +1,35 @@ #!/bin/bash -echo "⭕ Building errors stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "⭕ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "⭕ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "⭕ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "⭕ Build failed ❌" - exit 1 + +echo "⭕ Building errors stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "⭕ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "⭕ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "ERRORS=" | sudo tee -a /etc/bunkerweb/variables.env + echo "INTERCEPTED_ERROR_CODES=400 401 403 404 405 413 429 500 501 502 503 504" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html + sudo cp "403.html" "/var/www/html/errors/403.html" fi manual=0 @@ -19,8 +37,15 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: "403=/errors/403.html"@ERRORS: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@INTERCEPTED_ERROR_CODES: "400 401 404 405 413 429 500 501 502 503 504"@INTERCEPTED_ERROR_CODES: "400 401 403 404 405 413 429 500 501 502 503 504"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: "403=/errors/403.html"@ERRORS: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@INTERCEPTED_ERROR_CODES: "400 401 403 404 405 413 429 500 501 502 503 504"@INTERCEPTED_ERROR_CODES: "400 401 403 404 405 413 429 500 501 502 503 504"@' {} \; + else + sudo sed -i 's@ERRORS=.*$@ERRORS=@' /etc/bunkerweb/variables.env + sudo sed -i 's@INTERCEPTED_ERROR_CODES=.*$@INTERCEPTED_ERROR_CODES=400 401 403 404 405 413 429 500 501 502 503 504@' /etc/bunkerweb/variables.env + unset ERRORS + unset INTERCEPTED_ERROR_CODES + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -28,10 +53,15 @@ cleanup_stack () { echo "⭕ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "⭕ Down failed ❌" + echo "⭕ Cleanup failed ❌" exit 1 fi @@ -47,23 +77,43 @@ do echo "⭕ Running tests with default configuration ..." elif [ "$test" = "custom_403" ] ; then echo "⭕ Running tests with a custom 403 page ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: ""@ERRORS: "403=/errors/403.html"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: ""@ERRORS: "403=/errors/403.html"@' {} \; + else + sudo sed -i 's@ERRORS=@ERRORS=403=/errors/403.html@' /etc/bunkerweb/variables.env + export ERRORS="403=/errors/403.html" + fi elif [ "$test" = "without_403" ] ; then echo "⭕ Running tests without a 403 being intercepted ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: "403=/errors/403.html"@ERRORS: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@INTERCEPTED_ERROR_CODES: "400 401 403 404 405 413 429 500 501 502 503 504"@INTERCEPTED_ERROR_CODES: "400 401 404 405 413 429 500 501 502 503 504"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@ERRORS: "403=/errors/403.html"@ERRORS: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@INTERCEPTED_ERROR_CODES: "400 401 403 404 405 413 429 500 501 502 503 504"@INTERCEPTED_ERROR_CODES: "400 401 404 405 413 429 500 501 502 503 504"@' {} \; + else + sudo sed -i 's@ERRORS=.*$@ERRORS=@' /etc/bunkerweb/variables.env + sudo sed -i 's@INTERCEPTED_ERROR_CODES=.*$@INTERCEPTED_ERROR_CODES=400 401 404 405 413 429 500 501 502 503 504@' /etc/bunkerweb/variables.env + unset ERRORS + export INTERCEPTED_ERROR_CODES="400 401 404 405 413 429 500 501 502 503 504" + fi fi echo "⭕ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "⭕ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "⭕ Up failed ❌" + echo "⭕ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "⭕ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "⭕ Start failed ❌" exit 1 fi fi @@ -71,37 +121,72 @@ do # Check if stack is healthy echo "⭕ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("errors-bw-1" "errors-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("errors-bw-1" "errors-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "⭕ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "⭕ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "⭕ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "⭕ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "⭕ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "⭕ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "⭕ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🛡ī¸ Showing Geckodriver logs ..." + sudo cat geckodriver.log + fi exit 1 else echo "⭕ Test \"$test\" succeeded ✅" diff --git a/tests/core/gzip/test.sh b/tests/core/gzip/test.sh index aa1f6af46..e1e1e2768 100755 --- a/tests/core/gzip/test.sh +++ b/tests/core/gzip/test.sh @@ -1,17 +1,33 @@ #!/bin/bash -echo "🗜ī¸ Building gzip stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker app1 -if [ $? -ne 0 ] ; then - echo "🗜ī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "🗜ī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🗜ī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🗜ī¸ Build failed ❌" - exit 1 + +echo "🗜ī¸ Building gzip stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker app1 + if [ $? -ne 0 ] ; then + echo "🗜ī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🗜ī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "USE_GZIP=no" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,7 +35,12 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_GZIP: "yes"@USE_GZIP: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_GZIP: "yes"@USE_GZIP: "no"@' {} \; + else + sudo sed -i 's@USE_GZIP=.*$@USE_GZIP=no@' /etc/bunkerweb/variables.env + unset USE_GZIP + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -27,10 +48,15 @@ cleanup_stack () { echo "🗜ī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🗜ī¸ Down failed ❌" + echo "🗜ī¸ Cleanup failed ❌" exit 1 fi @@ -46,19 +72,32 @@ do echo "🗜ī¸ Running tests without gzip ..." elif [ "$test" = "activated" ] ; then echo "🗜ī¸ Running tests with gzip ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_GZIP: "no"@USE_GZIP: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_GZIP: "no"@USE_GZIP: "yes"@' {} \; + else + sudo sed -i 's@USE_GZIP=.*$@USE_GZIP=yes@' /etc/bunkerweb/variables.env + export USE_GZIP="yes" + fi fi echo "🗜ī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🗜ī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🗜ī¸ Up failed ❌" + echo "🗜ī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🗜ī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🗜ī¸ Start failed ❌" exit 1 fi fi @@ -66,37 +105,70 @@ do # Check if stack is healthy echo "🗜ī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("gzip-bw-1" "gzip-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("gzip-bw-1" "gzip-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🗜ī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🗜ī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🗜ī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🗜ī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🗜ī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🗜ī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🗜ī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "🗜ī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/headers/test.sh b/tests/core/headers/test.sh index a987be979..1603d24c8 100755 --- a/tests/core/headers/test.sh +++ b/tests/core/headers/test.sh @@ -1,17 +1,51 @@ #!/bin/bash -echo "🎛ī¸ Building headers stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker bw-php -if [ $? -ne 0 ] ; then - echo "🎛ī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "🎛ī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🎛ī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🎛ī¸ Build failed ❌" - exit 1 + +echo "🎛ī¸ Building headers stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker bw-php + if [ $? -ne 0 ] ; then + echo "🎛ī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🎛ī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + sudo cp -r www/* /var/www/html/ + sudo chown -R www-data:nginx /var/www/html + sudo find /var/www/html -type f -exec chmod 0640 {} \; + sudo find /var/www/html -type d -exec chmod 0750 {} \; + echo "LOCAL_PHP=/run/php/php-fpm.sock" | sudo tee -a /etc/bunkerweb/variables.env + echo "LOCAL_PHP_PATH=/var/www/html" | sudo tee -a /etc/bunkerweb/variables.env + echo "GENERATE_SELF_SIGNED_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env + + echo "CUSTOM_HEADER=" | sudo tee -a /etc/bunkerweb/variables.env + echo "REMOVE_HEADERS=Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version" | sudo tee -a /etc/bunkerweb/variables.env + echo "STRICT_TRANSPORT_SECURITY=max-age=31536000" | sudo tee -a /etc/bunkerweb/variables.env + echo "COOKIE_FLAGS=* HttpOnly SameSite=Lax" | sudo tee -a /etc/bunkerweb/variables.env + echo "COOKIE_AUTO_SECURE_FLAG=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';" | sudo tee -a /etc/bunkerweb/variables.env + echo "REFERRER_POLICY=strict-origin-when-cross-origin" | sudo tee -a /etc/bunkerweb/variables.env + echo "PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()" | sudo tee -a /etc/bunkerweb/variables.env + echo "FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';" | sudo tee -a /etc/bunkerweb/variables.env + echo "X_FRAME_OPTIONS=SAMEORIGIN" | sudo tee -a /etc/bunkerweb/variables.env + echo "X_CONTENT_TYPE_OPTIONS=nosniff" | sudo tee -a /etc/bunkerweb/variables.env + echo "X_XSS_PROTECTION=1; mode=block" | sudo tee -a /etc/bunkerweb/variables.env fi manual=0 @@ -19,28 +53,61 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: "X-Test: test"@CUSTOM_HEADER: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=86400"@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* HttpOnly SameSite=Lax"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_AUTO_SECURE_FLAG: "no"@COOKIE_AUTO_SECURE_FLAG: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: "X-Test: test"@CUSTOM_HEADER: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=86400"@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* HttpOnly SameSite=Lax"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_AUTO_SECURE_FLAG: "no"@COOKIE_AUTO_SECURE_FLAG: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \; - if [[ $(sed '27!d' docker-compose.yml) = ' COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' ]] ; then - sed -i '27d' docker-compose.yml + if [[ $(sed '27!d' docker-compose.yml) = ' COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' ]] ; then + sed -i '27d' docker-compose.yml + fi + + if [[ $(sed '13!d' docker-compose.test.yml) = ' COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' ]] ; then + sed -i '13d' docker-compose.test.yml + fi + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@CUSTOM_HEADER=.*$@CUSTOM_HEADER=@' /etc/bunkerweb/variables.env + sudo sed -i 's@REMOVE_HEADERS=.*$@REMOVE_HEADERS=Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version@' /etc/bunkerweb/variables.env + sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=31536000@' /etc/bunkerweb/variables.env + sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* HttpOnly SameSite=Lax@' /etc/bunkerweb/variables.env + sudo sed -i 's@COOKIE_AUTO_SECURE_FLAG=.*$@COOKIE_AUTO_SECURE_FLAG=yes@' /etc/bunkerweb/variables.env + sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env + sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env + sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env + sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';@" /etc/bunkerweb/variables.env + sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env + unset GENERATE_SELF_SIGNED_SSL + unset CUSTOM_HEADER + unset REMOVE_HEADERS + unset STRICT_TRANSPORT_SECURITY + unset COOKIE_FLAGS + unset COOKIE_AUTO_SECURE_FLAG + unset CONTENT_SECURITY_POLICY + unset REFERRER_POLICY + unset PERMISSIONS_POLICY + unset FEATURE_POLICY + unset X_FRAME_OPTIONS + unset X_CONTENT_TYPE_OPTIONS + unset X_XSS_PROTECTION + + if [[ $(sudo tail -n 1 /etc/bunkerweb/variables.env) = 'COOKIE_FLAGS_1=bw_cookie SameSite=Lax' ]] ; then + sudo sed -i '$ d' /etc/bunkerweb/variables.env + fi + unset COOKIE_FLAGS_1 fi - - if [[ $(sed '13!d' docker-compose.test.yml) = ' COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' ]] ; then - sed -i '13d' docker-compose.test.yml - fi - if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -48,10 +115,15 @@ cleanup_stack () { echo "🎛ī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🎛ī¸ Down failed ❌" + echo "🎛ī¸ Cleanup failed ❌" exit 1 fi @@ -65,56 +137,131 @@ for test in "without_ssl" "no_httponly_flag" "multiple_no_httponly_flag" "with_s do if [ "$test" = "without_ssl" ] ; then echo "🎛ī¸ Running tests without ssl and with tweaked settings ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: ""@CUSTOM_HEADER: "X-Test: test"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@STRICT_TRANSPORT_SECURITY: "max-age=86400"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "strict-origin-when-cross-origin"@REFERRER_POLICY: "no-referrer"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "geolocation=(self), microphone=()"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "geolocation '"'"'self'"'"'; microphone '"'"'none'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "SAMEORIGIN"@X_FRAME_OPTIONS: "DENY"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: "nosniff"@X_CONTENT_TYPE_OPTIONS: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "1; mode=block"@X_XSS_PROTECTION: "0"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: ""@CUSTOM_HEADER: "X-Test: test"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@STRICT_TRANSPORT_SECURITY: "max-age=86400"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "strict-origin-when-cross-origin"@REFERRER_POLICY: "no-referrer"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "geolocation=(self), microphone=()"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "geolocation '"'"'self'"'"'; microphone '"'"'none'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "SAMEORIGIN"@X_FRAME_OPTIONS: "DENY"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: "nosniff"@X_CONTENT_TYPE_OPTIONS: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "1; mode=block"@X_XSS_PROTECTION: "0"@' {} \; + else + sudo sed -i 's@CUSTOM_HEADER=.*$@CUSTOM_HEADER=X-Test: test@' /etc/bunkerweb/variables.env + sudo sed -i 's@REMOVE_HEADERS=.*$@REMOVE_HEADERS=X-Powered-By X-AspNet-Version X-AspNetMvc-Version@' /etc/bunkerweb/variables.env + sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=86400@' /etc/bunkerweb/variables.env + sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env + sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=no-referrer@' /etc/bunkerweb/variables.env + sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=geolocation=(self), microphone=()@' /etc/bunkerweb/variables.env + sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=geolocation 'self'; microphone 'none';@" /etc/bunkerweb/variables.env + sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=DENY@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=0@' /etc/bunkerweb/variables.env + export CUSTOM_HEADER="X-Test: test" + export REMOVE_HEADERS="X-Powered-By X-AspNet-Version X-AspNetMvc-Version" + export STRICT_TRANSPORT_SECURITY="max-age=86400" + export CONTENT_SECURITY_POLICY="object-src 'none'; frame-ancestors 'self';" + export REFERRER_POLICY="no-referrer" + export PERMISSIONS_POLICY="geolocation=(self), microphone=()" + export FEATURE_POLICY="geolocation 'self'; microphone 'none';" + export X_FRAME_OPTIONS="DENY" + export X_CONTENT_TYPE_OPTIONS="" + export X_XSS_PROTECTION="0" + fi elif [ "$test" = "no_httponly_flag" ] ; then echo "🎛ī¸ Running tests without HttpOnly flag for cookies and with default values ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* SameSite=Lax"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: "X-Test: test"@CUSTOM_HEADER: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=86400"@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* SameSite=Lax"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@CUSTOM_HEADER: "X-Test: test"@CUSTOM_HEADER: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REMOVE_HEADERS: ".*"$@REMOVE_HEADERS: "Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@STRICT_TRANSPORT_SECURITY: "max-age=86400"@STRICT_TRANSPORT_SECURITY: "max-age=31536000"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \; + else + sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* HttpOnly SameSite=Lax@' /etc/bunkerweb/variables.env + sudo sed -i 's@CUSTOM_HEADER=.*$@CUSTOM_HEADER=@' /etc/bunkerweb/variables.env + sudo sed -i 's@REMOVE_HEADERS=.*$@REMOVE_HEADERS=Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version@' /etc/bunkerweb/variables.env + sudo sed -i 's@STRICT_TRANSPORT_SECURITY=.*$@STRICT_TRANSPORT_SECURITY=max-age=31536000@' /etc/bunkerweb/variables.env + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env + sudo sed -i "s@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';@" /etc/bunkerweb/variables.env + sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env + sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env + sudo sed -i "s@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';@" /etc/bunkerweb/variables.env + sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env + sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env + export COOKIE_FLAGS="* SameSite=Lax" + unset CUSTOM_HEADER + unset REMOVE_HEADERS + unset STRICT_TRANSPORT_SECURITY + unset CONTENT_SECURITY_POLICY + unset REFERRER_POLICY + unset PERMISSIONS_POLICY + unset FEATURE_POLICY + unset X_FRAME_OPTIONS + unset X_CONTENT_TYPE_OPTIONS + unset X_XSS_PROTECTION + fi elif [ "$test" = "multiple_no_httponly_flag" ] ; then echo "🎛ī¸ Running tests with HttpOnly flag overriden for cookie \"bw_cookie\" and default cookies flags ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* HttpOnly SameSite=Lax"@' {} \; - sed -i '27i \ COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' docker-compose.yml - sed -i '13i \ COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' docker-compose.test.yml + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_FLAGS: ".*"$@COOKIE_FLAGS: "* HttpOnly SameSite=Lax"@' {} \; + sed -i '27i \ COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' docker-compose.yml + sed -i '13i \ COOKIE_FLAGS_1: "bw_cookie SameSite=Lax"' docker-compose.test.yml + else + sudo sed -i 's@COOKIE_FLAGS=.*$@COOKIE_FLAGS=* HttpOnly SameSite=Lax@' /etc/bunkerweb/variables.env + echo "COOKIE_FLAGS_1=bw_cookie SameSite=Lax" | sudo tee -a /etc/bunkerweb/variables.env + export COOKIE_FLAGS="* HttpOnly SameSite=Lax" + export COOKIE_FLAGS_1="bw_cookie SameSite=Lax" + fi elif [ "$test" = "with_ssl" ] ; then echo "🎛ī¸ Running tests with ssl ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; - sed -i '27d' docker-compose.yml - sed -i '13d' docker-compose.test.yml + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; + sed -i '27d' docker-compose.yml + sed -i '13d' docker-compose.test.yml + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=yes@' /etc/bunkerweb/variables.env + sudo sed -i '$ d' /etc/bunkerweb/variables.env + export GENERATE_SELF_SIGNED_SSL="yes" + fi elif [ "$test" = "no_cookie_auto_secure_flag" ] ; then echo "🎛ī¸ Running tests without cookie_auto_secure_flag ..." echo "ℹī¸ Keeping the generated self-signed SSL certificate" - find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_AUTO_SECURE_FLAG: "yes"@COOKIE_AUTO_SECURE_FLAG: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@COOKIE_AUTO_SECURE_FLAG: "yes"@COOKIE_AUTO_SECURE_FLAG: "no"@' {} \; + else + sudo sed -i 's@COOKIE_AUTO_SECURE_FLAG=.*$@COOKIE_AUTO_SECURE_FLAG=no@' /etc/bunkerweb/variables.env + export COOKIE_AUTO_SECURE_FLAG="no" + fi fi echo "🎛ī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🎛ī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🎛ī¸ Up failed ❌" + echo "🎛ī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🎛ī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🎛ī¸ Start failed ❌" exit 1 fi fi @@ -122,37 +269,70 @@ do # Check if stack is healthy echo "🎛ī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("headers-bw-1" "headers-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("headers-bw-1" "headers-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🎛ī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🎛ī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🎛ī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🎛ī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🎛ī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🎛ī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🎛ī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "🎛ī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/inject/test.sh b/tests/core/inject/test.sh index b33b94d86..38feb9e7e 100755 --- a/tests/core/inject/test.sh +++ b/tests/core/inject/test.sh @@ -1,26 +1,47 @@ #!/bin/bash -echo "💉 Building inject stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "💉 Pull failed ❌" +if [ -z "$integration" ] ; then + echo "💉 Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "💉 Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "💉 Build failed ❌" - exit 1 + +echo "💉 Building inject stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "💉 Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "💉 Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "INJECT_BODY=TEST" | sudo tee -a /etc/bunkerweb/variables.env + sudo cp index.html /var/www/html/index.html fi cleanup_stack () { echo "💉 Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "💉 Down failed ❌" + echo "💉 Cleanup failed ❌" exit 1 fi @@ -33,15 +54,23 @@ trap cleanup_stack EXIT echo "💉 Running tests while injecting TEST into the HTML page ..." echo "💉 Starting stack ..." -docker compose up -d -if [ $? -ne 0 ] ; then - echo "💉 Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 +if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "💉 Up failed ❌" + echo "💉 Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "💉 Up failed ❌" + exit 1 + fi + fi +else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "💉 Start failed ❌" exit 1 fi fi @@ -49,37 +78,70 @@ fi # Check if stack is healthy echo "💉 Waiting for stack to be healthy ..." i=0 -while [ $i -lt 120 ] ; do - containers=("inject-bw-1" "inject-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" +if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("inject-bw-1" "inject-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "💉 Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "💉 Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "💉 Docker stack is not healthy ❌" + exit 1 + fi +else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "💉 Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "💉 Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) -done -if [ $i -ge 120 ] ; then - docker compose logs - echo "💉 Docker stack is not healthy ❌" - exit 1 fi # Start tests -docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests +if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests +else + python3 main.py +fi if [ $? -ne 0 ] ; then echo "💉 Test \"inject\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "💉 Test \"inject\" succeeded ✅" diff --git a/tests/core/limit/test.sh b/tests/core/limit/test.sh index ad7ec00bc..4a60abce5 100755 --- a/tests/core/limit/test.sh +++ b/tests/core/limit/test.sh @@ -1,17 +1,38 @@ #!/bin/bash -echo "🎚ī¸ Building limit stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "🎚ī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "🎚ī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🎚ī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🎚ī¸ Build failed ❌" - exit 1 + +echo "🎚ī¸ Building limit stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "🎚ī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🎚ī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "BAD_BEHAVIOR_STATUS_CODES=400 401 403 405 429 444" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_LIMIT_REQ=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "LIMIT_REQ_URL=/" | sudo tee -a /etc/bunkerweb/variables.env + echo "LIMIT_REQ_RATE=2r/s" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_LIMIT_CONN=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "LIMIT_CONN_MAX_HTTP1=1" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,27 +40,48 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "yes"@USE_LIMIT_REQ: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_URL: ".*"$@LIMIT_REQ_URL: "/"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_RATE: ".*"$@LIMIT_REQ_RATE: "2r/s"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_CONN: "no"@USE_LIMIT_CONN: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "yes"@USE_LIMIT_REQ: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_URL: ".*"$@LIMIT_REQ_URL: "/"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_RATE: ".*"$@LIMIT_REQ_RATE: "2r/s"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_CONN: "no"@USE_LIMIT_CONN: "yes"@' {} \; - if [[ $(sed '22!d' docker-compose.yml) = ' LIMIT_REQ_URL_1: "/custom"' ]] ; then - sed -i '22d' docker-compose.yml + if [[ $(sed '22!d' docker-compose.yml) = ' LIMIT_REQ_URL_1: "/custom"' ]] ; then + sed -i '22d' docker-compose.yml + fi + + if [[ $(sed '22!d' docker-compose.yml) = ' LIMIT_REQ_RATE_1: "4r/s"' ]] ; then + sed -i '22d' docker-compose.yml + fi + + if [[ $(sed '11!d' docker-compose.test.yml) = ' LIMIT_REQ_URL_1: "/custom"' ]] ; then + sed -i '11d' docker-compose.test.yml + fi + + if [[ $(sed '11!d' docker-compose.test.yml) = ' LIMIT_REQ_RATE_1: "4r/s"' ]] ; then + sed -i '11d' docker-compose.test.yml + fi + else + sudo sed -i 's@USE_LIMIT_REQ=.*$@USE_LIMIT_REQ=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@LIMIT_REQ_URL=.*$@LIMIT_REQ_URL=/@' /etc/bunkerweb/variables.env + sudo sed -i 's@LIMIT_REQ_RATE=.*$@LIMIT_REQ_RATE=2r/s@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_LIMIT_CONN=.*$@USE_LIMIT_CONN=yes@' /etc/bunkerweb/variables.env + unset USE_LIMIT_REQ + unset LIMIT_REQ_URL + unset LIMIT_REQ_RATE + unset USE_LIMIT_CONN + + if [[ $(sudo tail -n 1 /etc/bunkerweb/variables.env) = 'LIMIT_REQ_URL_1=/custom' ]] ; then + sudo truncate -s -1 /etc/bunkerweb/variables.env + fi + + if [[ $(sudo tail -n 1 /etc/bunkerweb/variables.env) = 'LIMIT_REQ_RATE_1=4r/s' ]] ; then + sudo truncate -s -1 /etc/bunkerweb/variables.env + fi + + unset LIMIT_REQ_URL_1 + unset LIMIT_REQ_RATE_1 fi - - if [[ $(sed '22!d' docker-compose.yml) = ' LIMIT_REQ_RATE_1: "4r/s"' ]] ; then - sed -i '22d' docker-compose.yml - fi - - if [[ $(sed '11!d' docker-compose.test.yml) = ' LIMIT_REQ_URL_1: "/custom"' ]] ; then - sed -i '11d' docker-compose.test.yml - fi - - if [[ $(sed '11!d' docker-compose.test.yml) = ' LIMIT_REQ_RATE_1: "4r/s"' ]] ; then - sed -i '11d' docker-compose.test.yml - fi - if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -47,10 +89,15 @@ cleanup_stack () { echo "🎚ī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🎚ī¸ Down failed ❌" + echo "🎚ī¸ Cleanup failed ❌" exit 1 fi @@ -67,32 +114,64 @@ do elif [ "$test" = "limit_req" ] ; then echo "🎚ī¸ Running tests with limit req activated ..." echo "ℹī¸ Deactivating limit conn ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_CONN: "yes"@USE_LIMIT_CONN: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "no"@USE_LIMIT_REQ: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_CONN: "yes"@USE_LIMIT_CONN: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "no"@USE_LIMIT_REQ: "yes"@' {} \; + else + sudo sed -i 's@USE_LIMIT_CONN=.*$@USE_LIMIT_CONN=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_LIMIT_REQ=.*$@USE_LIMIT_REQ=yes@' /etc/bunkerweb/variables.env + export USE_LIMIT_CONN="no" + export USE_LIMIT_REQ="yes" + fi elif [ "$test" = "augmented" ] ; then echo "🎚ī¸ Running tests with limit req rate set to 10r/s ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_RATE: ".*"$@LIMIT_REQ_RATE: "10r/s"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@LIMIT_REQ_RATE: ".*"$@LIMIT_REQ_RATE: "10r/s"@' {} \; + else + sudo sed -i 's@LIMIT_REQ_RATE=.*$@LIMIT_REQ_RATE=10r/s@' /etc/bunkerweb/variables.env + export LIMIT_REQ_RATE="10r/s" + fi elif [ "$test" = "custom_endpoint_rate" ] ; then echo "🎚ī¸ Running tests with a custom endpoint rate ..." - sed -i '22i \ LIMIT_REQ_URL_1: "/custom"' docker-compose.yml - sed -i '23i \ LIMIT_REQ_RATE_1: "4r/s"' docker-compose.yml - sed -i '11i \ LIMIT_REQ_URL_1: "/custom"' docker-compose.test.yml - sed -i '12i \ LIMIT_REQ_RATE_1: "4r/s"' docker-compose.test.yml + if [ "$integration" == "docker" ] ; then + sed -i '22i \ LIMIT_REQ_URL_1: "/custom"' docker-compose.yml + sed -i '23i \ LIMIT_REQ_RATE_1: "4r/s"' docker-compose.yml + sed -i '11i \ LIMIT_REQ_URL_1: "/custom"' docker-compose.test.yml + sed -i '12i \ LIMIT_REQ_RATE_1: "4r/s"' docker-compose.test.yml + else + echo "LIMIT_REQ_URL_1=/custom" | sudo tee -a /etc/bunkerweb/variables.env + echo "LIMIT_REQ_RATE_1=4r/s" | sudo tee -a /etc/bunkerweb/variables.env + export LIMIT_REQ_URL_1="/custom" + export LIMIT_REQ_RATE_1="4r/s" + fi elif [ "$test" = "deactivated_req" ] ; then echo "🎚ī¸ Running tests without limit req ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "yes"@USE_LIMIT_REQ: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_LIMIT_REQ: "yes"@USE_LIMIT_REQ: "no"@' {} \; + else + sudo sed -i 's@USE_LIMIT_REQ=.*$@USE_LIMIT_REQ=no@' /etc/bunkerweb/variables.env + export USE_LIMIT_REQ="no" + fi fi echo "🎚ī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🎚ī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🎚ī¸ Up failed ❌" + echo "🎚ī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🎚ī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🎚ī¸ Start failed ❌" exit 1 fi fi @@ -100,37 +179,70 @@ do # Check if stack is healthy echo "🎚ī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("limit-bw-1" "limit-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("limit-bw-1" "limit-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🎚ī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🎚ī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🎚ī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🎚ī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🎚ī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🎚ī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🎚ī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "🎚ī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/misc/test.sh b/tests/core/misc/test.sh index 7bd045238..60db26483 100755 --- a/tests/core/misc/test.sh +++ b/tests/core/misc/test.sh @@ -1,17 +1,45 @@ #!/bin/bash -echo "🗃ī¸ Building misc stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "🗃ī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "🗃ī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🗃ī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🗃ī¸ Build failed ❌" - exit 1 + +echo "🗃ī¸ Building misc stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "🗃ī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🗃ī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "GENERATE_SELF_SIGNED_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_MODSECURITY=no" | sudo tee -a /etc/bunkerweb/variables.env + + echo "DISABLE_DEFAULT_SERVER=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIRECT_HTTP_TO_HTTPS=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "AUTO_REDIRECT_HTTP_TO_HTTPS=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "ALLOWED_METHODS=GET|POST|HEAD" | sudo tee -a /etc/bunkerweb/variables.env + echo "MAX_CLIENT_SIZE=5m" | sudo tee -a /etc/bunkerweb/variables.env + echo "SERVE_FILES=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "SSL_PROTOCOLS=TLSv1.2 TLSv1.3" | sudo tee -a /etc/bunkerweb/variables.env + echo "HTTP2=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "LISTEN_HTTP=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "DENY_HTTP_STATUS=403" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,15 +47,36 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "GET|POST|HEAD"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "10m"@MAX_CLIENT_SIZE: "5m"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "no"@SERVE_FILES: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2"@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "no"@HTTP2: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "no"@LISTEN_HTTP: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "444"@DENY_HTTP_STATUS: "403"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "GET|POST|HEAD"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "10m"@MAX_CLIENT_SIZE: "5m"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "no"@SERVE_FILES: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2"@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "no"@HTTP2: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "no"@LISTEN_HTTP: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "444"@DENY_HTTP_STATUS: "403"@' {} \; + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@ALLOWED_METHODS=.*$@ALLOWED_METHODS=GET|POST|HEAD@' /etc/bunkerweb/variables.env + sudo sed -i 's@MAX_CLIENT_SIZE=.*$@MAX_CLIENT_SIZE=5m@' /etc/bunkerweb/variables.env + sudo sed -i 's@SERVE_FILES=.*$@SERVE_FILES=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@SSL_PROTOCOLS=.*$@SSL_PROTOCOLS=TLSv1.2 TLSv1.3@' /etc/bunkerweb/variables.env + sudo sed -i 's@HTTP2=.*$@HTTP2=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@LISTEN_HTTP=.*$@LISTEN_HTTP=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@DENY_HTTP_STATUS=.*$@DENY_HTTP_STATUS=403@' /etc/bunkerweb/variables.env + unset GENERATE_SELF_SIGNED_SSL + unset DISABLE_DEFAULT_SERVER + unset ALLOWED_METHODS + unset MAX_CLIENT_SIZE + unset SERVE_FILES + unset SSL_PROTOCOLS + unset HTTP2 + unset LISTEN_HTTP + unset DENY_HTTP_STATUS + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -35,10 +84,15 @@ cleanup_stack () { echo "🗃ī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🗃ī¸ Down failed ❌" + echo "🗃ī¸ Cleanup failed ❌" exit 1 fi @@ -54,37 +108,77 @@ do echo "🗃ī¸ Running tests when misc settings have default values except MAX_CLIENT_SIZE which have the value \"5m\" ..." elif [ "$test" = "ssl_generated" ] ; then echo "🗃ī¸ Running tests when misc settings have default values and the ssl is generated in self signed ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=yes@' /etc/bunkerweb/variables.env + export GENERATE_SELF_SIGNED_SSL="yes" + fi elif [ "$test" = "tweaked" ] ; then echo "🗃ī¸ Running tests when misc settings have tweaked values ..." echo "ℹī¸ Keeping the ssl generated in self signed ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "no"@DISABLE_DEFAULT_SERVER: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "POST|HEAD"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "5m"@MAX_CLIENT_SIZE: "10m"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "yes"@SERVE_FILES: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "yes"@HTTP2: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "no"@DISABLE_DEFAULT_SERVER: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "POST|HEAD"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "5m"@MAX_CLIENT_SIZE: "10m"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "yes"@SERVE_FILES: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "yes"@HTTP2: "no"@' {} \; + else + sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@ALLOWED_METHODS=.*$@ALLOWED_METHODS=POST|HEAD@' /etc/bunkerweb/variables.env + sudo sed -i 's@MAX_CLIENT_SIZE=.*$@MAX_CLIENT_SIZE=10m@' /etc/bunkerweb/variables.env + sudo sed -i 's@SERVE_FILES=.*$@SERVE_FILES=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@HTTP2=.*$@HTTP2=no@' /etc/bunkerweb/variables.env + export DISABLE_DEFAULT_SERVER="yes" + export ALLOWED_METHODS="POST|HEAD" + export MAX_CLIENT_SIZE="10m" + export SERVE_FILES="no" + export HTTP2="no" + fi elif [ "$test" = "deny_status_444" ] ; then echo "🗃ī¸ Running tests when the server's deny status is set to 444 ..." echo "ℹī¸ Keeping the ssl generated in self signed ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "403"@DENY_HTTP_STATUS: "444"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "403"@DENY_HTTP_STATUS: "444"@' {} \; + else + sudo sed -i 's@DENY_HTTP_STATUS=.*$@DENY_HTTP_STATUS=444@' /etc/bunkerweb/variables.env + export DENY_HTTP_STATUS="444" + fi elif [ "$test" = "TLSv1.2" ] ; then echo "🗃ī¸ Running tests with only TLSv1.2 enabled and when the server is not listening on http ..." echo "ℹī¸ Keeping the ssl generated in self signed ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@SSL_PROTOCOLS: "TLSv1.2"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "yes"@LISTEN_HTTP: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@SSL_PROTOCOLS: "TLSv1.2"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "yes"@LISTEN_HTTP: "no"@' {} \; + else + sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@SSL_PROTOCOLS=.*$@SSL_PROTOCOLS=TLSv1.2@' /etc/bunkerweb/variables.env + sudo sed -i 's@LISTEN_HTTP=.*$@LISTEN_HTTP=no@' /etc/bunkerweb/variables.env + export DISABLE_DEFAULT_SERVER="no" + export SSL_PROTOCOLS="TLSv1.2" + export LISTEN_HTTP="no" + fi fi echo "🗃ī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🗃ī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🗃ī¸ Up failed ❌" + echo "🗃ī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🗃ī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🗃ī¸ Start failed ❌" exit 1 fi fi @@ -92,37 +186,70 @@ do # Check if stack is healthy echo "🗃ī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("misc-bw-1" "misc-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("misc-bw-1" "misc-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🗃ī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🗃ī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🗃ī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🗃ī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🗃ī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🗃ī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🗃ī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "🗃ī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/modsecurity/test.sh b/tests/core/modsecurity/test.sh index 58e03edc1..5f4f2f61e 100755 --- a/tests/core/modsecurity/test.sh +++ b/tests/core/modsecurity/test.sh @@ -1,17 +1,37 @@ #!/bin/bash -echo "👮 Building modsecurity stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "👮 Pull failed ❌" +if [ -z "$integration" ] ; then + echo "👮 Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "👮 Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "👮 Build failed ❌" - exit 1 + +echo "👮 Building modsecurity stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "👮 Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "👮 Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "USE_MODSECURITY=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_MODSECURITY_CRS=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "MODSECURITY_SEC_AUDIT_ENGINE=RelevantOnly" | sudo tee -a /etc/bunkerweb/variables.env + echo "MODSECURITY_SEC_RULE_ENGINE=On" | sudo tee -a /etc/bunkerweb/variables.env + echo "MODSECURITY_SEC_AUDIT_LOG_PARTS=ABCFHZ" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,8 +39,15 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY: "no"@USE_MODSECURITY: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "no"@USE_MODSECURITY_CRS: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY: "no"@USE_MODSECURITY: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "no"@USE_MODSECURITY_CRS: "yes"@' {} \; + else + sudo sed -i 's@USE_MODSECURITY=.*$@USE_MODSECURITY=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_MODSECURITY_CRS=.*$@USE_MODSECURITY_CRS=yes@' /etc/bunkerweb/variables.env + unset USE_MODSECURITY + unset USE_MODSECURITY_CRS + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -28,10 +55,15 @@ cleanup_stack () { echo "👮 Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "👮 Down failed ❌" + echo "👮 Cleanup failed ❌" exit 1 fi @@ -47,23 +79,43 @@ do echo "👮 Running tests with modsecurity activated ..." elif [ "$test" = "crs_deactivated" ] ; then echo "👮 Running tests without the CRS ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "yes"@USE_MODSECURITY_CRS: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "yes"@USE_MODSECURITY_CRS: "no"@' {} \; + else + sudo sed -i 's@USE_MODSECURITY_CRS=.*$@USE_MODSECURITY_CRS=no@' /etc/bunkerweb/variables.env + export USE_MODSECURITY_CRS="no" + fi elif [ "$test" = "deactivated" ] ; then echo "👮 Running tests without modsecurity ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "no"@USE_MODSECURITY_CRS: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY: "yes"@USE_MODSECURITY: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY_CRS: "no"@USE_MODSECURITY_CRS: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_MODSECURITY: "yes"@USE_MODSECURITY: "no"@' {} \; + else + sudo sed -i 's@USE_MODSECURITY_CRS=.*$@USE_MODSECURITY_CRS=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_MODSECURITY=.*$@USE_MODSECURITY=no@' /etc/bunkerweb/variables.env + unset USE_MODSECURITY_CRS + export USE_MODSECURITY="no" + fi fi echo "👮 Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "👮 Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "👮 Up failed ❌" + echo "👮 Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "👮 Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "👮 Start failed ❌" exit 1 fi fi @@ -71,37 +123,70 @@ do # Check if stack is healthy echo "👮 Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("modsecurity-bw-1" "modsecurity-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("modsecurity-bw-1" "modsecurity-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "👮 Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "👮 Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "👮 Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "👮 Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "👮 Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "👮 Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "👮 Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "👮 Test \"$test\" succeeded ✅" diff --git a/tests/core/redirect/test.sh b/tests/core/redirect/test.sh index a625062dd..e9b5089e3 100755 --- a/tests/core/redirect/test.sh +++ b/tests/core/redirect/test.sh @@ -1,17 +1,34 @@ #!/bin/bash -echo "↩ī¸ Building redirect stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker app1 -if [ $? -ne 0 ] ; then - echo "↩ī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "↩ī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "↩ī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "↩ī¸ Build failed ❌" - exit 1 + +echo "↩ī¸ Building redirect stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker app1 + if [ $? -ne 0 ] ; then + echo "↩ī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "↩ī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "REDIRECT_TO=" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIRECT_TO_REQUEST_URI=no" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,8 +36,15 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO: "http://brightlushsilveryawn\.neverssl\.com/online/"@REDIRECT_TO: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO_REQUEST_URI: "yes"@REDIRECT_TO_REQUEST_URI: "no"@' {} \; + if [ "$integration" = "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO: "http://brightlushsilveryawn\.neverssl\.com/online/"@REDIRECT_TO: ""@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO_REQUEST_URI: "yes"@REDIRECT_TO_REQUEST_URI: "no"@' {} \; + else + sudo sed -i 's@REDIRECT_TO=.*$@REDIRECT_TO=@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIRECT_TO_REQUEST_URI=.*$@REDIRECT_TO_REQUEST_URI=no@' /etc/bunkerweb/variables.env + unset REDIRECT_TO + unset REDIRECT_TO_REQUEST_URI + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -28,10 +52,15 @@ cleanup_stack () { echo "↩ī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "↩ī¸ Down failed ❌" + echo "↩ī¸ Cleanup failed ❌" exit 1 fi @@ -45,22 +74,40 @@ for test in "redirect" "redirect_uri" do if [ "$test" = "redirect" ] ; then echo "↩ī¸ Running tests when redirecting to http://brightlushsilveryawn.neverssl.com/online/ ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO: ""@REDIRECT_TO: "http://brightlushsilveryawn.neverssl.com/online/"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO: ""@REDIRECT_TO: "http://brightlushsilveryawn.neverssl.com/online/"@' {} \; + else + echo "REDIRECT_TO=http://brightlushsilveryawn.neverssl.com/online/" | sudo tee -a /etc/bunkerweb/variables.env + export REDIRECT_TO="http://brightlushsilveryawn.neverssl.com/online/" + fi elif [ "$test" = "redirect_uri" ] ; then echo "↩ī¸ Running tests when redirecting to uri test ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO_REQUEST_URI: "no"@REDIRECT_TO_REQUEST_URI: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIRECT_TO_REQUEST_URI: "no"@REDIRECT_TO_REQUEST_URI: "yes"@' {} \; + else + echo "REDIRECT_TO_REQUEST_URI=yes" | sudo tee -a /etc/bunkerweb/variables.env + export REDIRECT_TO_REQUEST_URI="yes" + fi fi echo "↩ī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "↩ī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "↩ī¸ Up failed ❌" + echo "↩ī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "↩ī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "↩ī¸ Start failed ❌" exit 1 fi fi @@ -68,37 +115,72 @@ do # Check if stack is healthy echo "↩ī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("redirect-bw-1" "redirect-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("redirect-bw-1" "redirect-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "↩ī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "↩ī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "↩ī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "↩ī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "↩ī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "↩ī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "↩ī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🛡ī¸ Showing Geckodriver logs ..." + sudo cat geckodriver.log + fi exit 1 else echo "↩ī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/redis/docker-compose.test.yml b/tests/core/redis/docker-compose.test.yml index 19332e357..ab2539d7e 100644 --- a/tests/core/redis/docker-compose.test.yml +++ b/tests/core/redis/docker-compose.test.yml @@ -7,7 +7,6 @@ services: PYTHONUNBUFFERED: "1" USE_REVERSE_SCAN: "no" USE_ANTIBOT: "no" - BLACKLIST_IP: "" REDIS_HOST: "bw-redis" REDIS_PORT: "6379" diff --git a/tests/core/redis/main.py b/tests/core/redis/main.py index 4201f2916..5c1d797c0 100644 --- a/tests/core/redis/main.py +++ b/tests/core/redis/main.py @@ -15,13 +15,13 @@ from uvicorn import run fastapi_proc = None try: - redis_host = getenv("REDIS_HOST") + redis_host = getenv("REDIS_HOST", "127.0.0.1") if not redis_host: print("❌ Redis host is not set, exiting ...", flush=True) exit(1) - redis_port = getenv("REDIS_PORT", "") + redis_port = getenv("REDIS_PORT", "6379") if not redis_port.isdigit(): print("❌ Redis port doesn't seem to be a number, exiting ...", flush=True) @@ -29,7 +29,7 @@ try: redis_port = int(redis_port) - redis_db = getenv("REDIS_DATABASE", "") + redis_db = getenv("REDIS_DATABASE", "0") if not redis_db.isdigit(): print("❌ Redis database doesn't seem to be a number, exiting ...", flush=True) @@ -63,7 +63,14 @@ try: print("ℹī¸ Testing Reverse Scan, starting FastAPI ...", flush=True) app = FastAPI() fastapi_proc = Process( - target=run, args=(app,), kwargs=dict(host="0.0.0.0", port=8080) + target=run, + args=(app,), + kwargs=dict( + host="0.0.0.0" + if getenv("TEST_TYPE", "docker") == "docker" + else "127.0.0.1", + port=8080, + ), ) fastapi_proc.start() diff --git a/tests/core/redis/test.sh b/tests/core/redis/test.sh index cb8fb017c..1353de817 100755 --- a/tests/core/redis/test.sh +++ b/tests/core/redis/test.sh @@ -1,26 +1,83 @@ #!/bin/bash -echo "🧰 Building redis stack ..." +integration=$1 + +if [ -z "$integration" ] ; then + echo "🧰 Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🧰 Integration \"$integration\" is not supported ❌" + exit 1 +fi + +echo "🧰 Building redis stack for integration \"$integration\" ..." # Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "🧰 Pull failed ❌" - exit 1 -fi +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "🧰 Pull failed ❌" + exit 1 + fi -echo "🧰 Building custom redis image ..." -docker compose build bw-redis -if [ $? -ne 0 ] ; then - echo "🧰 Build failed ❌" - exit 1 -fi + echo "🧰 Building custom redis image ..." + docker compose build bw-redis + if [ $? -ne 0 ] ; then + echo "🧰 Build failed ❌" + exit 1 + fi -echo "🧰 Building tests images ..." -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🧰 Build failed ❌" - exit 1 + echo "🧰 Building tests images ..." + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🧰 Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + sudo sed -i "/^USE_BLACKLIST=/d" /etc/bunkerweb/variables.env + echo "BLACKLIST_IP_URLS=" | sudo tee -a /etc/bunkerweb/variables.env + echo "SESSIONS_NAME=test" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_REVERSE_SCAN=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_ANTIBOT=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "USE_GREYLIST=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "GREYLIST_IP=0.0.0.0/0" | sudo tee -a /etc/bunkerweb/variables.env + echo "WHITELIST_COUNTRY=AU" | sudo tee -a /etc/bunkerweb/variables.env + + echo "🧰 Installing Redis ..." + sudo apt install --no-install-recommends -y redis + redis-server --daemonize yes + if [ $? -ne 0 ] ; then + echo "🧰 Redis start failed ❌" + exit 1 + fi + echo "🧰 Redis installed ✅" + + echo "🧰 Generating redis certs ..." + mkdir tls + openssl genrsa -out tls/ca.key 4096 + openssl req \ + -x509 -new -nodes -sha256 \ + -key tls/ca.key \ + -days 365 \ + -subj /CN=bw-redis/ \ + -out tls/ca.crt + openssl req \ + -x509 -nodes -newkey rsa:4096 \ + -keyout tls/redis.key \ + -out tls/redis.pem \ + -days 365 \ + -subj /CN=bw-redis/ + sudo chmod -R 640 tls + echo "🧰 Certs generated ✅" + + echo "USE_REDIS=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIS_HOST=127.0.0.1" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIS_PORT=6379" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIS_DATABASE=0" | sudo tee -a /etc/bunkerweb/variables.env + echo "REDIS_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html + export TEST_TYPE="linux" fi manual=0 @@ -28,12 +85,25 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "cookie"@USE_ANTIBOT: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@BLACKLIST_IP: "0\.0\.0\.0/0"@BLACKLIST_IP: ""@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_PORT: "[0-9]*"@REDIS_PORT: "6379"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_DATABASE: "1"@REDIS_DATABASE: "0"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_SSL: "yes"@REDIS_SSL: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "cookie"@USE_ANTIBOT: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_PORT: "[0-9]*"@REDIS_PORT: "6379"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_DATABASE: "1"@REDIS_DATABASE: "0"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_SSL: "yes"@REDIS_SSL: "no"@' {} \; + else + sudo rm -rf tls + sudo sed -i 's@USE_REVERSE_SCAN=.*$@USE_REVERSE_SCAN=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_ANTIBOT=.*$@USE_ANTIBOT=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_PORT=.*$@REDIS_PORT=6379@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_DATABASE=.*$@REDIS_DATABASE=0@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_SSL=.*$@REDIS_SSL=no@' /etc/bunkerweb/variables.env + unset USE_REVERSE_SCAN + unset USE_ANTIBOT + unset REDIS_PORT + unset REDIS_DATABASE + unset REDIS_SSL + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -41,10 +111,15 @@ cleanup_stack () { echo "🧰 Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🧰 Down failed ❌" + echo "🧰 Cleanup failed ❌" exit 1 fi @@ -60,29 +135,75 @@ do echo "🧰 Running tests with redis with default values ..." elif [ "$test" = "reverse_scan" ] ; then echo "🧰 Running tests with redis with reverse scan activated ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "no"@USE_REVERSE_SCAN: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "no"@USE_REVERSE_SCAN: "yes"@' {} \; + else + sudo sed -i 's@USE_REVERSE_SCAN=.*$@USE_REVERSE_SCAN=yes@' /etc/bunkerweb/variables.env + export USE_REVERSE_SCAN="yes" + fi elif [ "$test" = "antibot" ] ; then echo "🧰 Running tests with redis with antibot cookie activated ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "no"@USE_ANTIBOT: "cookie"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "no"@USE_ANTIBOT: "cookie"@' {} \; + else + sudo sed -i 's@USE_REVERSE_SCAN=.*$@USE_REVERSE_SCAN=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@USE_ANTIBOT=.*$@USE_ANTIBOT=cookie@' /etc/bunkerweb/variables.env + export USE_REVERSE_SCAN="no" + export USE_ANTIBOT="cookie" + fi elif [ "$test" = "tweaked" ] ; then echo "🧰 Running tests with redis' settings tweaked ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "cookie"@USE_ANTIBOT: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_PORT: "[0-9]*"@REDIS_PORT: "6380"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_DATABASE: "0"@REDIS_DATABASE: "1"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_SSL: "no"@REDIS_SSL: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_ANTIBOT: "cookie"@USE_ANTIBOT: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_PORT: "[0-9]*"@REDIS_PORT: "6380"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_DATABASE: "0"@REDIS_DATABASE: "1"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REDIS_SSL: "no"@REDIS_SSL: "yes"@' {} \; + else + sudo sed -i 's@USE_ANTIBOT=.*$@USE_ANTIBOT=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_PORT=.*$@REDIS_PORT=6380@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_DATABASE=.*$@REDIS_DATABASE=1@' /etc/bunkerweb/variables.env + sudo sed -i 's@REDIS_SSL=.*$@REDIS_SSL=yes@' /etc/bunkerweb/variables.env + unset USE_ANTIBOT + unset REDIS_PORT + unset REDIS_DATABASE + unset REDIS_SSL + + echo "🧰 Stoping redis ..." + redis-cli shutdown + if [ $? -ne 0 ] ; then + echo "🧰 Redis stop failed ❌" + exit 1 + fi + echo "🧰 Redis stopped ✅" + echo "🧰 Starting redis with tweaked settings ..." + redis-server --tls-port 6380 --port 0 --tls-cert-file tls/redis.pem --tls-key-file tls/redis.key --tls-ca-cert-file tls/ca.crt --tls-auth-clients no --daemonize yes + if [ $? -ne 0 ] ; then + echo "🧰 Redis start failed ❌" + exit 1 + fi + echo "🧰 Redis started ✅" + fi fi echo "🧰 Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🧰 Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🧰 Up failed ❌" + echo "🧰 Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🧰 Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🧰 Start failed ❌" exit 1 fi fi @@ -90,37 +211,72 @@ do # Check if stack is healthy echo "🧰 Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("redis-bw-1" "redis-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("redis-bw-1" "redis-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🧰 Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🧰 Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🧰 Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🧰 Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🧰 Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🧰 Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🧰 Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🛡ī¸ Showing Geckodriver logs ..." + sudo cat geckodriver.log + fi exit 1 else echo "🧰 Test \"$test\" succeeded ✅" diff --git a/tests/core/reversescan/main.py b/tests/core/reversescan/main.py index 5e7c00b4c..a264935ac 100644 --- a/tests/core/reversescan/main.py +++ b/tests/core/reversescan/main.py @@ -8,13 +8,20 @@ from uvicorn import run app = FastAPI() -fastapi_proc = Process(target=run, args=(app,), kwargs=dict(host="0.0.0.0", port=80)) +fastapi_proc = Process( + target=run, + args=(app,), + kwargs=dict( + host="0.0.0.0" if getenv("TEST_TYPE", "docker") == "docker" else "127.0.0.1", + port=80, + ), +) fastapi_proc.start() sleep(1) try: - use_reverse_scan = getenv("USE_REVERSE_SCAN", "no") == "yes" + use_reverse_scan = getenv("USE_REVERSE_SCAN", "yes") == "yes" reverse_scan_ports = getenv("REVERSE_SCAN_PORTS", "22 80 443 3128 8000 8080") print(f"ℹī¸ Trying to access http://www.example.com ...", flush=True) diff --git a/tests/core/reversescan/test.sh b/tests/core/reversescan/test.sh index d20eb6d17..32e7c9b59 100755 --- a/tests/core/reversescan/test.sh +++ b/tests/core/reversescan/test.sh @@ -1,17 +1,36 @@ #!/bin/bash -echo "đŸ•ĩī¸ Building reversescan stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "đŸ•ĩī¸ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "đŸ•ĩī¸ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "đŸ•ĩī¸ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "đŸ•ĩī¸ Build failed ❌" - exit 1 + +echo "đŸ•ĩī¸ Building reversescan stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "đŸ•ĩī¸ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "đŸ•ĩī¸ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "USE_REVERSE_SCAN=yes" | sudo tee -a /etc/bunkerweb/variables.env + echo "REVERSE_SCAN_PORTS=22 80 443 3128 8000 8080" | sudo tee -a /etc/bunkerweb/variables.env + echo "REVERSE_SCAN_TIMEOUT=500" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html + export TEST_TYPE="linux" fi manual=0 @@ -19,8 +38,15 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "no"@USE_REVERSE_SCAN: "yes"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@REVERSE_SCAN_PORTS: ".*"$@REVERSE_SCAN_PORTS: "22 80 443 3128 8000 8080"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "no"@USE_REVERSE_SCAN: "yes"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@REVERSE_SCAN_PORTS: ".*"$@REVERSE_SCAN_PORTS: "22 80 443 3128 8000 8080"@' {} \; + else + sudo sed -i 's@USE_REVERSE_SCAN=.*$@USE_REVERSE_SCAN=yes@' /etc/bunkerweb/variables.env + sudo sed -i 's@REVERSE_SCAN_PORTS=.*$@REVERSE_SCAN_PORTS=22 80 443 3128 8000 8080@' /etc/bunkerweb/variables.env + unset USE_REVERSE_SCAN + unset REVERSE_SCAN_PORTS + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -28,10 +54,15 @@ cleanup_stack () { echo "đŸ•ĩī¸ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "đŸ•ĩī¸ Down failed ❌" + echo "đŸ•ĩī¸ Cleanup failed ❌" exit 1 fi @@ -47,22 +78,40 @@ do echo "đŸ•ĩī¸ Running tests with default reverse scan ..." elif [ "$test" = "tweaked_ports" ] ; then echo "đŸ•ĩī¸ Running tests while removing the 80 port being scanned ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@REVERSE_SCAN_PORTS: ".*"$@REVERSE_SCAN_PORTS: "22 443 3128 8000 8080"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@REVERSE_SCAN_PORTS: ".*"$@REVERSE_SCAN_PORTS: "22 443 3128 8000 8080"@' {} \; + else + sudo sed -i 's@REVERSE_SCAN_PORTS=.*$@REVERSE_SCAN_PORTS=22 443 3128 8000 8080@' /etc/bunkerweb/variables.env + export REVERSE_SCAN_PORTS="22 443 3128 8000 8080" + fi elif [ "$test" = "deactivated" ] ; then echo "đŸ•ĩī¸ Running tests without the reverse scan ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_REVERSE_SCAN: "yes"@USE_REVERSE_SCAN: "no"@' {} \; + else + sudo sed -i 's@USE_REVERSE_SCAN=.*$@USE_REVERSE_SCAN=no@' /etc/bunkerweb/variables.env + export USE_REVERSE_SCAN="no" + fi fi echo "đŸ•ĩī¸ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "đŸ•ĩī¸ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "đŸ•ĩī¸ Up failed ❌" + echo "đŸ•ĩī¸ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "đŸ•ĩī¸ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "đŸ•ĩī¸ Start failed ❌" exit 1 fi fi @@ -70,37 +119,70 @@ do # Check if stack is healthy echo "đŸ•ĩī¸ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("reversescan-bw-1" "reversescan-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("reversescan-bw-1" "reversescan-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "đŸ•ĩī¸ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "đŸ•ĩī¸ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "đŸ•ĩī¸ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "đŸ•ĩī¸ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "đŸ•ĩī¸ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "đŸ•ĩī¸ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "đŸ•ĩī¸ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "đŸ•ĩī¸ Test \"$test\" succeeded ✅" diff --git a/tests/core/selfsigned/test.sh b/tests/core/selfsigned/test.sh index 23e4c058d..4157340b4 100755 --- a/tests/core/selfsigned/test.sh +++ b/tests/core/selfsigned/test.sh @@ -1,17 +1,35 @@ #!/bin/bash -echo "🔑 Building selfsigned stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "🔑 Pull failed ❌" +if [ -z "$integration" ] ; then + echo "🔑 Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "🔑 Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "🔑 Build failed ❌" - exit 1 + +echo "🔑 Building selfsigned stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "🔑 Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "🔑 Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "GENERATE_SELF_SIGNED_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env + echo "SELF_SIGNED_SSL_EXPIRY=365" | sudo tee -a /etc/bunkerweb/variables.env + echo "SELF_SIGNED_SSL_SUBJ=/CN=www.example.com/" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html fi manual=0 @@ -19,9 +37,18 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_EXPIRY: "30"@SELF_SIGNED_SSL_EXPIRY: "365"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_SUBJ: "/CN=example.com/"@SELF_SIGNED_SSL_SUBJ: "/CN=www.example.com/"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_EXPIRY: "30"@SELF_SIGNED_SSL_EXPIRY: "365"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_SUBJ: "/CN=example.com/"@SELF_SIGNED_SSL_SUBJ: "/CN=www.example.com/"@' {} \; + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env + sudo sed -i 's@SELF_SIGNED_SSL_EXPIRY=.*$@SELF_SIGNED_SSL_EXPIRY=365@' /etc/bunkerweb/variables.env + sudo sed -i 's@SELF_SIGNED_SSL_SUBJ=.*$@SELF_SIGNED_SSL_SUBJ=/CN=www.example.com/@' /etc/bunkerweb/variables.env + unset GENERATE_SELF_SIGNED_SSL + unset SELF_SIGNED_SSL_EXPIRY + unset SELF_SIGNED_SSL_SUBJ + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -29,10 +56,15 @@ cleanup_stack () { echo "🔑 Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "🔑 Down failed ❌" + echo "🔑 Cleanup failed ❌" exit 1 fi @@ -48,23 +80,44 @@ do echo "🔑 Running tests without selfsigned ..." elif [ "$test" = "activated" ] ; then echo "🔑 Running tests with selfsigned activated ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \; + else + sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=yes@' /etc/bunkerweb/variables.env + export GENERATE_SELF_SIGNED_SSL="yes" + fi elif [ "$test" = "tweaked_options" ] ; then echo "🔑 Running tests with selfsigned's options tweaked ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_EXPIRY: "365"@SELF_SIGNED_SSL_EXPIRY: "30"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_SUBJ: "/CN=www.example.com/"@SELF_SIGNED_SSL_SUBJ: "/CN=example.com/"@' {} \; + echo "ℹī¸ Keeping the generated self-signed SSL certificate" + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_EXPIRY: "365"@SELF_SIGNED_SSL_EXPIRY: "30"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SELF_SIGNED_SSL_SUBJ: "/CN=www.example.com/"@SELF_SIGNED_SSL_SUBJ: "/CN=example.com/"@' {} \; + else + sudo sed -i 's@SELF_SIGNED_SSL_EXPIRY=.*$@SELF_SIGNED_SSL_EXPIRY=30@' /etc/bunkerweb/variables.env + sudo sed -i 's@SELF_SIGNED_SSL_SUBJ=.*$@SELF_SIGNED_SSL_SUBJ=/CN=example.com/@' /etc/bunkerweb/variables.env + export SELF_SIGNED_SSL_EXPIRY="30" + export SELF_SIGNED_SSL_SUBJ="/CN=example.com/" + fi fi echo "🔑 Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "🔑 Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "🔑 Up failed ❌" + echo "🔑 Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "🔑 Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "🔑 Start failed ❌" exit 1 fi fi @@ -72,37 +125,70 @@ do # Check if stack is healthy echo "🔑 Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("selfsigned-bw-1" "selfsigned-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("selfsigned-bw-1" "selfsigned-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "🔑 Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "🔑 Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "🔑 Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "🔑 Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🔑 Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "🔑 Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "🔑 Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + fi exit 1 else echo "🔑 Test \"$test\" succeeded ✅" diff --git a/tests/core/sessions/main.py b/tests/core/sessions/main.py index 10215850e..5d882c72b 100644 --- a/tests/core/sessions/main.py +++ b/tests/core/sessions/main.py @@ -58,7 +58,10 @@ try: print("ℹī¸ Reloading BunkerWeb ...", flush=True) - response = post("http://192.168.0.2:5000/reload", headers={"Host": "bwapi"}) + response = post( + f"http://{'192.168.0.2' if getenv('TEST_TYPE', 'docker') == 'docker' else '127.0.0.1'}:5000/reload", + headers={"Host": "bwapi"}, + ) if response.status_code != 200: print("❌ An error occurred when restarting BunkerWeb, exiting ...", flush=True) diff --git a/tests/core/sessions/test.sh b/tests/core/sessions/test.sh index 4f0e03ad8..544aa276b 100755 --- a/tests/core/sessions/test.sh +++ b/tests/core/sessions/test.sh @@ -1,17 +1,36 @@ #!/bin/bash -echo "đŸ§ŗ Building sessions stack ..." +integration=$1 -# Starting stack -docker compose pull bw-docker -if [ $? -ne 0 ] ; then - echo "đŸ§ŗ Pull failed ❌" +if [ -z "$integration" ] ; then + echo "đŸ§ŗ Please provide an integration name as argument ❌" + exit 1 +elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then + echo "đŸ§ŗ Integration \"$integration\" is not supported ❌" exit 1 fi -docker compose -f docker-compose.test.yml build -if [ $? -ne 0 ] ; then - echo "đŸ§ŗ Build failed ❌" - exit 1 + +echo "đŸ§ŗ Building sessions stack for integration \"$integration\" ..." + +# Starting stack +if [ "$integration" = "docker" ] ; then + docker compose pull bw-docker + if [ $? -ne 0 ] ; then + echo "đŸ§ŗ Pull failed ❌" + exit 1 + fi + docker compose -f docker-compose.test.yml build + if [ $? -ne 0 ] ; then + echo "đŸ§ŗ Build failed ❌" + exit 1 + fi +else + sudo systemctl stop bunkerweb + echo "USE_ANTIBOT=cookie" | sudo tee -a /etc/bunkerweb/variables.env + echo "SESSIONS_SECRET=random" | sudo tee -a /etc/bunkerweb/variables.env + echo "SESSIONS_NAME=random" | sudo tee -a /etc/bunkerweb/variables.env + sudo touch /var/www/html/index.html + export TEST_TYPE="linux" fi manual=0 @@ -19,8 +38,15 @@ end=0 cleanup_stack () { exit_code=$? if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then - find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_SECRET: ".*"$@SESSIONS_SECRET: "random"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "random"@' {} \; + if [ "$integration" = "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_SECRET: ".*"$@SESSIONS_SECRET: "random"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "random"@' {} \; + else + sudo sed -i 's@SESSIONS_SECRET=.*$@SESSIONS_SECRET=random@' /etc/bunkerweb/variables.env + sudo sed -i 's@SESSIONS_NAME=.*$@SESSIONS_NAME=random@' /etc/bunkerweb/variables.env + unset SESSIONS_SECRET + unset SESSIONS_NAME + fi if [[ $end -eq 1 && $exit_code = 0 ]] ; then return fi @@ -28,10 +54,15 @@ cleanup_stack () { echo "đŸ§ŗ Cleaning up current stack ..." - docker compose down -v --remove-orphans + if [ "$integration" == "docker" ] ; then + docker compose down -v --remove-orphans + else + sudo systemctl stop bunkerweb + sudo truncate -s 0 /var/log/bunkerweb/error.log + fi if [ $? -ne 0 ] ; then - echo "đŸ§ŗ Down failed ❌" + echo "đŸ§ŗ Cleanup failed ❌" exit 1 fi @@ -47,23 +78,43 @@ do echo "đŸ§ŗ Running tests with random secret and random name ..." elif [ "$test" = "manual_name" ] ; then echo "đŸ§ŗ Running tests where session name is equal to \"test\" ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "test"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "test"@' {} \; + else + sudo sed -i 's@SESSIONS_NAME=.*$@SESSIONS_NAME=test@' /etc/bunkerweb/variables.env + export SESSIONS_NAME="test" + fi elif [ "$test" = "manual_secret" ] ; then echo "đŸ§ŗ Running tests where session secret is equal to \"test\" ..." - find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "random"@' {} \; - find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_SECRET: ".*"$@SESSIONS_SECRET: "test"@' {} \; + if [ "$integration" == "docker" ] ; then + find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_NAME: ".*"$@SESSIONS_NAME: "random"@' {} \; + find . -type f -name 'docker-compose.*' -exec sed -i 's@SESSIONS_SECRET: ".*"$@SESSIONS_SECRET: "test"@' {} \; + else + sudo sed -i 's@SESSIONS_NAME=.*$@SESSIONS_NAME=random@' /etc/bunkerweb/variables.env + sudo sed -i 's@SESSIONS_SECRET=.*$@SESSIONS_SECRET=test@' /etc/bunkerweb/variables.env + unset SESSIONS_NAME + export SESSIONS_SECRET="test" + fi fi echo "đŸ§ŗ Starting stack ..." - docker compose up -d - if [ $? -ne 0 ] ; then - echo "đŸ§ŗ Up failed, retrying ... ⚠ī¸" - manual=1 - cleanup_stack - manual=0 + if [ "$integration" == "docker" ] ; then docker compose up -d if [ $? -ne 0 ] ; then - echo "đŸ§ŗ Up failed ❌" + echo "đŸ§ŗ Up failed, retrying ... ⚠ī¸" + manual=1 + cleanup_stack + manual=0 + docker compose up -d + if [ $? -ne 0 ] ; then + echo "đŸ§ŗ Up failed ❌" + exit 1 + fi + fi + else + sudo systemctl start bunkerweb + if [ $? -ne 0 ] ; then + echo "đŸ§ŗ Start failed ❌" exit 1 fi fi @@ -71,37 +122,72 @@ do # Check if stack is healthy echo "đŸ§ŗ Waiting for stack to be healthy ..." i=0 - while [ $i -lt 120 ] ; do - containers=("sessions-bw-1" "sessions-bw-scheduler-1") - healthy="true" - for container in "${containers[@]}" ; do - check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" - if [ "$check" = "" ] ; then - healthy="false" + if [ "$integration" == "docker" ] ; then + while [ $i -lt 120 ] ; do + containers=("sessions-bw-1" "sessions-bw-scheduler-1") + healthy="true" + for container in "${containers[@]}" ; do + check="$(docker inspect --format "{{json .State.Health }}" $container | grep "healthy")" + if [ "$check" = "" ] ; then + healthy="false" + break + fi + done + if [ "$healthy" = "true" ] ; then + echo "đŸ§ŗ Docker stack is healthy ✅" break fi + sleep 1 + i=$((i+1)) done - if [ "$healthy" = "true" ] ; then - echo "đŸ§ŗ Docker stack is healthy ✅" - break + if [ $i -ge 120 ] ; then + docker compose logs + echo "đŸ§ŗ Docker stack is not healthy ❌" + exit 1 + fi + else + while [ $i -lt 120 ] ; do + check="$(sudo cat /var/log/bunkerweb/error.log | grep "BunkerWeb is ready")" + if ! [ -z "$check" ] ; then + echo "đŸ§ŗ Linux stack is healthy ✅" + break + fi + sleep 1 + i=$((i+1)) + done + if [ $i -ge 120 ] ; then + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "đŸ§ŗ Linux stack is not healthy ❌" + exit 1 fi - sleep 1 - i=$((i+1)) - done - if [ $i -ge 120 ] ; then - docker compose logs - echo "đŸ§ŗ Docker stack is not healthy ❌" - exit 1 fi # Start tests - docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + if [ "$integration" == "docker" ] ; then + docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests + else + python3 main.py + fi if [ $? -ne 0 ] ; then echo "đŸ§ŗ Test \"$test\" failed ❌" echo "🛡ī¸ Showing BunkerWeb and BunkerWeb Scheduler logs ..." - docker compose logs bw bw-scheduler + if [ "$integration" == "docker" ] ; then + docker compose logs bw bw-scheduler + else + sudo journalctl -u bunkerweb --no-pager + echo "🛡ī¸ Showing BunkerWeb error logs ..." + sudo cat /var/log/bunkerweb/error.log + echo "🛡ī¸ Showing BunkerWeb access logs ..." + sudo cat /var/log/bunkerweb/access.log + echo "🛡ī¸ Showing Geckodriver logs ..." + sudo cat geckodriver.log + fi exit 1 else echo "đŸ§ŗ Test \"$test\" succeeded ✅"