Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add ALLOWED_METHODS setting to all web UI related config

Browse source
This commit is contained in:
Théophile Diot 2024-08-15 13:06:57 +01:00
parent 3502f91aaf
commit 16039044ab
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
16 changed files with 31 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
docs/web-ui.md
View file

@ -815,6 +815,7 @@ To keep the logs accessible from the web UI, you will need to use `syslog-ng` to
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
@ -978,6 +979,7 @@ To keep the logs accessible from the web UI, you will need to use `syslog-ng` to
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
logging:
driver: syslog
options:
@ -1165,6 +1167,7 @@ To keep the logs accessible from the web UI, you will need to use `syslog-ng` to
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
logging:
driver: syslog
options:
@ -1451,6 +1454,7 @@ After a successful login/password combination, you will be prompted to enter you
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
networks:
@ -1611,6 +1615,7 @@ After a successful login/password combination, you will be prompted to enter you
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
networks:
- bw-universe
- bw-db
@ -1780,6 +1785,7 @@ After a successful login/password combination, you will be prompted to enter you
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
volumes:
bw-db:
@ -2154,6 +2160,7 @@ After a successful login/password combination, you will be prompted to enter you
bunkerweb.io/www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
bunkerweb.io/www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
bunkerweb.io/www.example.com_MAX_CLIENT_SIZE: "50m"
bunkerweb.io/www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
spec:
rules:
- host: www.example.com
@ -2214,6 +2221,7 @@ After a successful login/password combination, you will be prompted to enter you
www.example.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504
www.example.com_GENERATE_SELF_SIGNED_SSL=yes
www.example.com_MAX_CLIENT_SIZE=50m
www.example.com_ALLOWED_METHODS=GET|POST|PUT|DELETE
```
Don't forget to reload the `bunkerweb` service :

2
misc/dev/docker-compose.autoconf.ui.misc.yml
View file

@ -129,6 +129,8 @@ services:
- "bunkerweb.REVERSE_PROXY_URL=/admin"
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- bunkerweb.CUSTOM_CONF_MODSEC_CRS_ip-host=SecRuleRemoveById 920350
logging:

2
misc/dev/docker-compose.autoconf.ui.yml
View file

@ -126,6 +126,8 @@ services:
- "bunkerweb.REVERSE_PROXY_URL=/admin"
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
logging:
driver: syslog

2
misc/dev/docker-compose.ui.1.5.yml
View file

@ -32,6 +32,8 @@ services:
- www.example.com_REVERSE_PROXY_URL=/admin
- www.example.com_REVERSE_PROXY_HOST=http://bw-ui:7000
- www.example.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504
- www.example.com_MAX_CLIENT_SIZE=50m
- www.example.com_ALLOWED_METHODS=GET|POST|PUT|DELETE
- www.example.com_GENERATE_SELF_SIGNED_SSL=yes
- www.example.com_CUSTOM_CONF_MODSEC_CRS_ip-host=SecRuleRemoveById 920350
- app1.example.com_USE_REVERSE_PROXY=yes

8
misc/dev/docker-compose.ui.misc.yml
View file

@ -8,9 +8,9 @@ services:
context: ../..
dockerfile: ./src/bw/Dockerfile
ports:
- 80:8080/tcp
- 443:8443/tcp
- 443:8443/udp
- 8888:8080/tcp
- 8443:8443/tcp
- 8443:8443/udp
environment:
- API_WHITELIST_IP=127.0.0.0/24 10.20.30.0/24
restart: "unless-stopped"
@ -59,6 +59,8 @@ services:
www.example.com_REVERSE_PROXY_URL: "/admin"
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
app1.example.com_USE_REVERSE_PROXY: "yes"
app1.example.com_REVERSE_PROXY_URL: "/"

2
misc/dev/docker-compose.ui.yml
View file

@ -56,6 +56,8 @@ services:
www.example.com_REVERSE_PROXY_URL: "/admin"
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
app1.example.com_USE_REVERSE_PROXY: "yes"
app1.example.com_REVERSE_PROXY_URL: "/"

1
misc/integrations/autoconf.mariadb.ui.yml
View file

@ -63,6 +63,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: mariadb:11

1
misc/integrations/autoconf.mysql.ui.yml
View file

@ -63,6 +63,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: mysql:8

1
misc/integrations/autoconf.postgres.ui.yml
View file

@ -63,6 +63,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: postgres:16-alpine

1
misc/integrations/docker.mariadb.ui.yml
View file

@ -38,6 +38,7 @@ services:
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
networks:
- bw-universe
- bw-db

1
misc/integrations/docker.mysql.ui.yml
View file

@ -38,6 +38,7 @@ services:
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
networks:
- bw-universe
- bw-db

1
misc/integrations/docker.postgres.ui.yml
View file

@ -37,6 +37,7 @@ services:
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_MAX_CLIENT_SIZE: "50m"
www.example.com_ALLOWED_METHODS: "GET|POST|PUT|DELETE"
networks:
- bw-universe
- bw-db

1
misc/integrations/swarm.mariadb.ui.yml
View file

@ -78,6 +78,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: mariadb:11

1
misc/integrations/swarm.mysql.ui.yml
View file

@ -78,6 +78,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: mysql:8

1
misc/integrations/swarm.postgres.ui.yml
View file

@ -78,6 +78,7 @@ services:
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
- "bunkerweb.ALLOWED_METHODS=GET|POST|PUT|DELETE"
bw-db:
image: postgres:16-alpine

1
src/ui/main.py
View file

@ -707,6 +707,7 @@ def setup():
"REVERSE_PROXY_HOST": request.form["ui_host"],
"REVERSE_PROXY_URL": request.form["ui_url"] or "/",
"INTERCEPTED_ERROR_CODES": "400 404 405 413 429 500 501 502 503 504",
"ALLOWED_METHODS": "GET|POST|PUT|DELETE",
"MAX_CLIENT_SIZE": "50m",
"KEEP_UPSTREAM_HEADERS": "Content-Security-Policy Strict-Transport-Security X-Frame-Options X-Content-Type-Options Referrer-Policy",
}