diff --git a/.github/workflows/container-build.yml b/.github/workflows/container-build.yml index 85adacf3c..5747a11bf 100644 --- a/.github/workflows/container-build.yml +++ b/.github/workflows/container-build.yml @@ -56,6 +56,8 @@ jobs: echo "$SSH_KEY" > ~/.ssh/id_rsa_arm chmod 600 ~/.ssh/id_rsa_arm echo "$SSH_CONFIG" | sed "s/SSH_IP/$SSH_IP/g" > ~/.ssh/config + echo "ServerAliveInterval 60" >> ~/.ssh/config + echo "ServerAliveCountMax 10" >> ~/.ssh/config env: SSH_KEY: ${{ secrets.ARM_SSH_KEY }} SSH_IP: ${{ secrets.ARM_SSH_IP }} diff --git a/.github/workflows/create-arm.yml b/.github/workflows/create-arm.yml index e1f272c48..9bb50ff84 100644 --- a/.github/workflows/create-arm.yml +++ b/.github/workflows/create-arm.yml @@ -46,7 +46,7 @@ jobs: default-organization-id: ${{ secrets.SCW_DEFAULT_ORGANIZATION_ID }} - name: Extract ARM type run: | - TYPE=$(echo "$JSON" | jq '.servers | with_entries(select(.key | contains("AMP"))) | with_entries(select(.value.availability != "shortage")) | keys[] | select(. | test("^AMP2-C[0-9]+$")) | sub("AMP2-C"; "") | tonumber' | sort -n | tail -n 1 | xargs -I {} echo "AMP2-C{}") + TYPE=$(echo "$JSON" | jq '.servers | with_entries(select(.key | contains("COPARM1-"))) | with_entries(select(.value.availability != "shortage")) | keys[] | select(. | test("^COPARM1-[0-9]+C-[0-9]+G$"))' | sed 's/"//g' | cut -d '-' -f 2,3 | sort -g | tail -n 1 | xargs -I {} echo "COPARM1-{}") echo "Type is $TYPE" echo "TYPE=$TYPE" >> "$GITHUB_ENV" env: @@ -81,6 +81,6 @@ jobs: SSH_IP: ${{ fromJson(steps.scw.outputs.json).public_ip.address }} SSH_CONFIG: ${{ secrets.ARM_SSH_CONFIG }} - name: Install Docker - run: ssh root@$SSH_IP "curl -fsSL https://test.docker.com -o test-docker.sh ; sh test-docker.sh" + run: ssh root@$SSH_IP "curl -fsSL https://test.docker.com -o test-docker.sh ; sh test-docker.sh ; echo 'ClientAliveInterval 60' >> /etc/ssh/sshd_config ; echo 'ClientAliveCountMax 0' >> /etc/ssh/sshd_config ; systemctl restart ssh" env: SSH_IP: ${{ fromJson(steps.scw.outputs.json).public_ip.address }} diff --git a/.github/workflows/doc-to-pdf.yml b/.github/workflows/doc-to-pdf.yml index 34c7b8e5b..c545a09ab 100644 --- a/.github/workflows/doc-to-pdf.yml +++ b/.github/workflows/doc-to-pdf.yml @@ -18,8 +18,8 @@ jobs: uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.10" - - name: Install doc requirements - run: pip install --no-cache-dir --require-hashes -r docs/requirements.txt + - name: Install doc dependencies + run: pip install --no-cache-dir --require-hashes -r docs/requirements.txt && sudo apt install -y libcairo2-dev libfreetype6-dev libffi-dev libjpeg-dev libpng-dev libz-dev - name: Install chromium run: sudo apt install chromium-browser - name: Install node diff --git a/.github/workflows/linux-build.yml b/.github/workflows/linux-build.yml index 507d7cfae..2850302b4 100644 --- a/.github/workflows/linux-build.yml +++ b/.github/workflows/linux-build.yml @@ -65,6 +65,8 @@ jobs: echo "$SSH_KEY" > ~/.ssh/id_rsa_arm chmod 600 ~/.ssh/id_rsa_arm echo "$SSH_CONFIG" | sed "s/SSH_IP/$SSH_IP/g" > ~/.ssh/config + echo "ServerAliveInterval 60" >> ~/.ssh/config + echo "ServerAliveCountMax 10" >> ~/.ssh/config env: SSH_KEY: ${{ secrets.ARM_SSH_KEY }} SSH_IP: ${{ secrets.ARM_SSH_IP }} diff --git a/.github/workflows/push-doc.yml b/.github/workflows/push-doc.yml index 6f7fbc317..319a11d3e 100644 --- a/.github/workflows/push-doc.yml +++ b/.github/workflows/push-doc.yml @@ -32,8 +32,8 @@ jobs: - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: "3.10" - - name: Install doc requirements - run: pip install --no-cache-dir --require-hashes -r docs/requirements.txt + - name: Install doc dependencies + run: pip install --no-cache-dir --require-hashes -r docs/requirements.txt && sudo apt install -y libcairo2-dev libfreetype6-dev libffi-dev libjpeg-dev libpng-dev libz-dev - name: Push doc run: mike deploy --update-aliases --push --alias-type=copy ${{ inputs.VERSION }} ${{ inputs.ALIAS }} - name: Set default doc diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml index 5a5ab655c..ee576a2b7 100644 --- a/.github/workflows/push-docker.yml +++ b/.github/workflows/push-docker.yml @@ -51,6 +51,8 @@ jobs: echo "$SSH_KEY" > ~/.ssh/id_rsa_arm chmod 600 ~/.ssh/id_rsa_arm echo "$SSH_CONFIG" | sed "s/SSH_IP/$SSH_IP/g" > ~/.ssh/config + echo "ServerAliveInterval 60" >> ~/.ssh/config + echo "ServerAliveCountMax 10" >> ~/.ssh/config env: SSH_KEY: ${{ secrets.ARM_SSH_KEY }} SSH_IP: ${{ secrets.ARM_SSH_IP }} diff --git a/.trivyignore b/.trivyignore index e69de29bb..db367b1cd 100644 --- a/.trivyignore +++ b/.trivyignore @@ -0,0 +1 @@ +CVE-2023-6129 diff --git a/README.md b/README.md index 714bbff8b..37ef44118 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@

- BunkerWeb logo + BunkerWeb logo

diff --git a/docs/package.json b/docs/package.json new file mode 100644 index 000000000..7f51a563a --- /dev/null +++ b/docs/package.json @@ -0,0 +1,5 @@ +{ + "dependencies": { + "puppeteer": "^21.3.6" + } +} \ No newline at end of file diff --git a/src/bw/Dockerfile b/src/bw/Dockerfile index 78fc5a6ea..adaa9451b 100644 --- a/src/bw/Dockerfile +++ b/src/bw/Dockerfile @@ -78,7 +78,7 @@ RUN apk add --no-cache pcre bash python3 yajl && \ ln -s /proc/1/fd/1 /var/log/bunkerweb/access.log # Fix CVEs -RUN apk add --no-cache "libwebp>=1.2.4-r3" "curl>=8.3.0-r0" "libcurl>=8.3.0-r0" "nghttp2-libs>=1.51.0-r2" "libcrypto3>=3.0.12-r0" "libssl3>=3.0.12-r0" "libx11>=1.8.7-r0" +RUN apk add --no-cache "libwebp>=1.2.4-r3" "curl>=8.3.0-r0" "libcurl>=8.3.0-r0" "nghttp2-libs>=1.51.0-r2" "libx11>=1.8.7-r0" "libssl3>=3.0.12-r1" "libcrypto3>=3.0.12-r1" EXPOSE 8080/tcp 8443/tcp