diff --git a/docs/plugins.md b/docs/plugins.md index 406ab0663..8a051873b 100644 --- a/docs/plugins.md +++ b/docs/plugins.md @@ -120,16 +120,33 @@ The first step is to install the plugin by putting the plugin files inside the c ``` === "Ansible" - When using the [Ansible integration](/1.4/integrations/#ansible), plugins must be written to the varaibles `plugins` within your Ansible inventory. : + When using the [Ansible integration](/1.4/integrations/#ansible), you can use the `plugins` variable to set a local folder containing your plugins that will be copied to your BunkerWeb instances. + + Let's assume that you have plugins inside the `bunkerweb-plugins` folder : + ```shell + git clone https://github.com/bunkerity/bunkerweb-plugins + ``` + + In your Ansible inventory, you can use the `plugins` variable to set the path of plugins folder : ```ini - [all] - "Your_IP" - - [all:vars] - plugins="PathToYourPlugins" + [mybunkers] + 192.168.0.42 ... plugins="{{ playbook_dir }}/bunkerweb-plugins" ``` + + Or alternatively, in your playbook file : + ```yaml + - hosts: all + become: true + vars: + - variables_env: "{{ playbook_dir }}/my_variables.env" + roles: + - bunkerweb + ``` -When a plugin is installed, you are ready to use it, please refer to the plugin documentation for more information. + Run the playbook : + ```shell + ansible-playbook -i inventory.yml playbook.yml + ``` ## Writing a plugin diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index b8875d886..c0319a921 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -86,6 +86,19 @@ Here is how you can access the logs depending on your integration : cat /var/log/nginx/access.log ``` +=== "Ansible" + + For errors related to BunkerWeb services (e.g. not starting), you can use `journalctl` : + ```shell + ansible -i inventory.yml all -a "journalctl -u bunkerweb --no-pager" --become + ``` + + Common logs are located inside the `/var/log/nginx` directory : + ```shell + ansible -i inventory.yml all -a "cat /var/log/nginx/error.log" --become + ansible -i inventory.yml all -a "cat /var/log/nginx/access.log" --become + ``` + ## Permissions Don't forget that BunkerWeb runs as an unprivileged user for obvious security reasons. Double-check the permissions of files and folders used by BunkerWeb especially if you use custom configurations (more info [here](/1.4/quickstart-guide/#custom-configurations)). You will need to set at least **RW** rights on files and **_RWX_** on folders. @@ -234,6 +247,13 @@ You can manually unban an IP which can be useful when doing some tests but it ne sudo bwcli unban 1.2.3.4 ``` +=== "Ansible" + + You can use the `bwcli` command : + ```shell + ansible -i inventory.yml all -a "bwcli unban 1.2.3.4" --become + ``` + ## Whitelisting If you have bots that need to access your website, the recommended way to avoid any false positive is to whitelist it using the [whitelisting feature](/1.4/security-tuning/#blacklisting-and-whitelisting). We don't recommend using the `WHITELIST_URI*` or `WHITELIST_USER_AGENT*` settings unless they are set to secret and unpredictable values. Common use cases are : diff --git a/examples/ghost/tests.json b/examples/ghost/tests.json index 80c1fcf8f..3545061c3 100644 --- a/examples/ghost/tests.json +++ b/examples/ghost/tests.json @@ -8,6 +8,7 @@ "linux" ], "timeout": 60, + "delay": 30, "tests": [ { "type": "string", diff --git a/tests/AutoconfTest.py b/tests/AutoconfTest.py index 84893a633..a27b1a431 100644 --- a/tests/AutoconfTest.py +++ b/tests/AutoconfTest.py @@ -9,8 +9,8 @@ from logger import log class AutoconfTest(Test) : - def __init__(self, name, timeout, tests, no_copy_container=False) : - super().__init__(name, "autoconf", timeout, tests, no_copy_container=no_copy_container) + def __init__(self, name, timeout, tests, no_copy_container=False, delay=0) : + super().__init__(name, "autoconf", timeout, tests, no_copy_container=no_copy_container, delay=delay) self._domains = { r"www\.example\.com": getenv("TEST_DOMAIN1"), r"auth\.example\.com": getenv("TEST_DOMAIN1"), diff --git a/tests/DockerTest.py b/tests/DockerTest.py index 302f644b0..ba9fee867 100644 --- a/tests/DockerTest.py +++ b/tests/DockerTest.py @@ -8,8 +8,8 @@ from logger import log class DockerTest(Test) : - def __init__(self, name, timeout, tests, no_copy_container=False) : - super().__init__(name, "docker", timeout, tests, no_copy_container=no_copy_container) + def __init__(self, name, timeout, tests, no_copy_container=False, delay=0) : + super().__init__(name, "docker", timeout, tests, no_copy_container=no_copy_container, delay=delay) self._domains = { r"www\.example\.com": getenv("TEST_DOMAIN1"), r"auth\.example\.com": getenv("TEST_DOMAIN1"), diff --git a/tests/KubernetesTest.py b/tests/KubernetesTest.py index a52b52b91..eb906072e 100644 --- a/tests/KubernetesTest.py +++ b/tests/KubernetesTest.py @@ -9,8 +9,8 @@ from logger import log class KubernetesTest(Test) : - def __init__(self, name, timeout, tests) : - super().__init__(name, "kubernetes", timeout, tests) + def __init__(self, name, timeout, tests, delay=0) : + super().__init__(name, "kubernetes", timeout, tests, delay=delay) self._domains = { r"www\.example\.com": getenv("TEST_DOMAIN1_1"), r"auth\.example\.com": getenv("TEST_DOMAIN1_2"), diff --git a/tests/SwarmTest.py b/tests/SwarmTest.py index 981a72b3c..9c960a3e1 100644 --- a/tests/SwarmTest.py +++ b/tests/SwarmTest.py @@ -9,8 +9,8 @@ from logger import log class SwarmTest(Test) : - def __init__(self, name, timeout, tests) : - super().__init__(name, "swarm", timeout, tests) + def __init__(self, name, timeout, tests, delay=0) : + super().__init__(name, "swarm", timeout, tests, delay=delay) self._domains = { r"www\.example\.com": getenv("TEST_DOMAIN1_1"), r"auth\.example\.com": getenv("TEST_DOMAIN1_2"), diff --git a/tests/Test.py b/tests/Test.py index 267b1beae..f35741921 100644 --- a/tests/Test.py +++ b/tests/Test.py @@ -13,12 +13,13 @@ from logger import log class Test(ABC) : - def __init__(self, name, kind, timeout, tests, no_copy_container=False) : + def __init__(self, name, kind, timeout, tests, no_copy_container=False, delay=0) : self._name = name self.__kind = kind self._timeout = timeout self.__tests = tests self._no_copy_container = no_copy_container + self.__delay = delay log("TEST", "ℹ️", "instiantiated with " + str(len(tests)) + " tests and timeout of " + str(timeout) + "s for " + self._name) # Class method @@ -73,6 +74,9 @@ class Test(ABC) : def run_tests(self) : if not self._setup_test() : return False + if self.__delay != 0 : + log("TEST", "ℹ️", "delay is set, sleeping " + str(self.__delay) + "s") + sleep(self.__delay) start = time() while time() < start + self._timeout : all_ok = True diff --git a/tests/main.py b/tests/main.py index f1a5f5b2c..dafe129ad 100755 --- a/tests/main.py +++ b/tests/main.py @@ -59,16 +59,19 @@ for example in glob("./examples/*") : continue test_obj = None no_copy_container = False + delay = 0 if "no_copy_container" in tests : no_copy_container = tests["no_copy_container"] + if "delay" in tests : + delay = tests["delay"] if test_type == "docker" : - test_obj = DockerTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container) + test_obj = DockerTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container, delay=delay) elif test_type == "autoconf" : - test_obj = AutoconfTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container) + test_obj = AutoconfTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container, delay=delay) elif test_type == "swarm" : - test_obj = SwarmTest(tests["name"], tests["timeout"], tests["tests"]) + test_obj = SwarmTest(tests["name"], tests["timeout"], tests["tests"], delay=delay) elif test_type == "kubernetes" : - test_obj = KubernetesTest(tests["name"], tests["timeout"], tests["tests"]) + test_obj = KubernetesTest(tests["name"], tests["timeout"], tests["tests"], delay=delay) elif test_type == "linux" : test_obj = LinuxTest(tests["name"], tests["timeout"], tests["tests"], distro) if not test_obj.run_tests() :