Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add documentation about new way of seeing the logs via the web UI

Browse source
This commit is contained in:
Théophile Diot 2024-08-12 15:36:14 +01:00
parent 0b6cac66a8
commit 60bacbe30f
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
2 changed files with 592 additions and 44 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.gitleaksignore
View file

@ -89,3 +89,9 @@ docs/web-ui.md:hashicorp-tf-password:1225
docs/integrations.md:hashicorp-tf-password:617
docs/integrations.md:hashicorp-tf-password:1259
docs/quickstart-guide.md:hashicorp-tf-password:1522
docs/web-ui.md:hashicorp-tf-password:835
docs/web-ui.md:hashicorp-tf-password:855
docs/web-ui.md:hashicorp-tf-password:964
docs/web-ui.md:hashicorp-tf-password:993
docs/web-ui.md:hashicorp-tf-password:1149
docs/web-ui.md:hashicorp-tf-password:1180

630
docs/web-ui.md
View file

@ -90,6 +90,10 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &bw-ui-env
# We anchor the environment variables to avoid duplication
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -99,6 +103,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
- "443:8443/udp" # For QUIC / HTTP3 support
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24" # Make sure to set the correct IP range so the scheduler can send the configuration to the instance
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
@ -106,14 +111,15 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *bw-ui-env
BUNKERWEB_INSTANCES: "bunkerweb" # Make sure to set the correct instance name
SERVER_NAME: ""
MULTISITE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24" # We mirror the API_WHITELIST_IP from the bunkerweb service
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
UI_HOST: "http://bw-ui:7000" # Change it if needed
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
@ -121,8 +127,9 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
<<: *bw-ui-env
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
@ -136,6 +143,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
@ -167,6 +175,11 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &bw-ui-env
# We anchor the environment variables to avoid duplication
AUTOCONF_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -179,6 +192,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
environment:
AUTOCONF_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
@ -186,15 +200,15 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *bw-ui-env
BUNKERWEB_INSTANCES: ""
SERVER_NAME: ""
AUTOCONF_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
MULTISITE: "yes"
UI_HOST: "http://bw-ui:7000" # Change it if needed
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
@ -204,9 +218,9 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
depends_on:
- bw-docker
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
AUTOCONF_MODE: "yes"
<<: *bw-ui-env
DOCKER_HOST: "tcp://bw-docker:2375"
restart: "unless-stopped"
networks:
- bw-universe
- bw-docker
@ -222,6 +236,16 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
networks:
- bw-docker
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
<<: *bw-ui-env
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
bw-db:
image: mariadb:11
environment:
@ -231,19 +255,10 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
AUTOCONF_MODE: "yes"
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
networks:
- bw-universe
- bw-db
volumes:
bw-data:
bw-db:
@ -274,6 +289,11 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
Here is the stack boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &bw-ui-env
# We anchor the environment variables to avoid duplication
SWARM_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -293,6 +313,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
environment:
SWARM_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
@ -307,17 +328,17 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *bw-ui-env
BUNKERWEB_INSTANCES: ""
SERVER_NAME: ""
SWARM_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
MULTISITE: "yes"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
UI_HOST: "http://bw-ui:7000" # Change it if needed
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
@ -325,9 +346,9 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
bw-autoconf:
image: bunkerity/bunkerweb-autoconf:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SWARM_MODE: "yes"
<<: *bw-ui-env
DOCKER_HOST: "tcp://bw-docker:2375"
restart: "unless-stopped"
networks:
- bw-universe
- bw-docker
@ -351,6 +372,16 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
constraints:
- "node.role == manager"
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
<<: *bw-ui-env
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
bw-db:
image: mariadb:11
environment:
@ -360,6 +391,7 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
@ -368,16 +400,6 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
networks:
- bw-universe
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SWARM_MODE: "yes"
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
networks:
- bw-universe
- bw-db
volumes:
bw-db:
bw-data:
@ -740,6 +762,518 @@ Review your final BunkerWeb UI URL and then click on the `Setup` button. Once th
You can access the setup wizard by browsing the `https://your-ip-address/setup` URI of your server.
## Accessing logs
Beginning with version `1.6.0-beta`, the method of accessing logs has changed. This update specifically impacts **Docker, Autoconf, and Swarm** Integrations. Logs are now exclusively accessed from the `/var/log/bunkerweb` directory.
To keep the logs accessible from the web UI, you will need to use `syslog-ng` to forward the logs to a file in the `/var/log/bunkerweb` directory.
=== "Docker"
To forward the logs correctly to the `/var/log/bunkerweb` directory on the Docker integration, you will need to stream the logs to a file using `syslog-ng`. Here is an example of how to do this :
```yaml
x-bw-env: &bw-env
# We anchor the environment variables to avoid duplication
API_WHITELIST_IP: "127.0.0.0/24 10.20.30.0/24"
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
ports:
- "80:8080/tcp"
- "443:8443/tcp"
- "443:8443/udp" # QUIC
environment:
<<: *bw-env
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
logging:
driver: syslog
options:
tag: "bunkerweb" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *bw-env
BUNKERWEB_INSTANCES: "bunkerweb" # Make sure to set the correct instance name
SERVER_NAME: "www.example.com"
MULTISITE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SERVE_FILES: "no"
DISABLE_DEFAULT_SERVER: "yes"
USE_CLIENT_CACHE: "yes"
USE_GZIP: "yes"
www.example.com_USE_UI: "yes"
www.example.com_USE_REVERSE_PROXY: "yes"
www.example.com_REVERSE_PROXY_URL: "/changeme" # Change it to a hard to guess URI
www.example.com_REVERSE_PROXY_HOST: "http://bw-ui:7000"
www.example.com_INTERCEPTED_ERROR_CODES: "400 404 405 413 429 500 501 502 503 504"
www.example.com_GENERATE_SELF_SIGNED_SSL: "yes"
www.example.com_MAX_CLIENT_SIZE: "50m"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
logging:
driver: syslog
options:
tag: "bw-scheduler" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the admin user
TOPT_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
volumes:
- bw-logs:/var/log/bunkerweb # This is the volume used to store the logs
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
logging:
driver: syslog
options:
tag: "bw-ui" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-db:
image: mariadb:11
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
MYSQL_DATABASE: "db"
MYSQL_USER: "bunkerweb"
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
bw-syslog:
image: balabit/syslog-ng:4.7.1
# image: lscr.io/linuxserver/syslog-ng:4.7.1-r1-ls116 # For aarch64 architecture
volumes:
- bw-logs:/var/log/bunkerweb # This is the volume used to store the logs
- ./syslog-ng.conf:/etc/syslog-ng/syslog-ng.conf # This is the syslog-ng configuration file
networks:
bw-universe:
ipv4_address: 10.20.30.254 # Make sure to set the correct IP address
volumes:
bw-data:
bw-db:
bw-logs:
networks:
bw-universe:
name: bw-universe
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
bw-db:
name: bw-db
```
=== "Docker Autoconf"
To forward the logs correctly to the `/var/log/bunkerweb` directory on the Autoconf integration, you will need to stream the logs to a file using `syslog-ng`. Here is an example of how to do this :
```yaml
x-ui-env: &bw-ui-env
# We anchor the environment variables to avoid duplication
AUTOCONF_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
ports:
- "80:8080/tcp"
- "443:8443/tcp"
- "443:8443/udp" # QUIC
environment:
AUTOCONF_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/24 10.20.30.0/24"
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
logging:
driver: syslog
options:
tag: "bunkerweb" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *bw-ui-env
BUNKERWEB_INSTANCES: "" # We don't need to specify the BunkerWeb instance here as they are automatically detected by the autoconf service
SERVER_NAME: "" # The server name will be filled with services labels
MULTISITE: "yes" # Mandatory setting for autoconf / ui
API_WHITELIST_IP: "127.0.0.0/24 10.20.30.0/24"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
logging:
driver: syslog
options:
tag: "bw-scheduler" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-autoconf:
image: bunkerity/bunkerweb-autoconf:1.6.0-beta
depends_on:
- bunkerweb
- bw-docker
environment:
<<: *bw-ui-env
DOCKER_HOST: "tcp://bw-docker:2375" # This is the Docker socket address
restart: "unless-stopped"
networks:
- bw-universe
- bw-docker
- bw-db
logging:
driver: syslog
options:
tag: "bw-autoconf" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
<<: *bw-ui-env
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the admin user
TOPT_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
volumes:
- bw-logs:/var/log/bunkerweb
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
labels:
- "bunkerweb.SERVER_NAME=www.example.com"
- "bunkerweb.USE_UI=yes"
- "bunkerweb.USE_REVERSE_PROXY=yes"
- "bunkerweb.REVERSE_PROXY_URL=/changeme" # Change it to a hard to guess URI
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
logging:
driver: syslog
options:
tag: "bw-ui" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-db:
image: mariadb:11
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
MYSQL_DATABASE: "db"
MYSQL_USER: "bunkerweb"
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
restart: "unless-stopped"
networks:
- bw-db
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
environment:
CONTAINERS: "1"
LOG_LEVEL: "warning"
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
restart: "unless-stopped"
networks:
- bw-docker
bw-syslog:
image: balabit/syslog-ng:4.7.1
# image: lscr.io/linuxserver/syslog-ng:4.7.1-r1-ls116 # For aarch64 architecture
volumes:
- bw-logs:/var/log/bunkerweb # This is the volume used to store the logs
- ./syslog-ng.conf:/etc/syslog-ng/syslog-ng.conf # This is the syslog-ng configuration file
networks:
bw-universe:
ipv4_address: 10.20.30.254 # Make sure to set the correct IP address
volumes:
bw-data:
bw-db:
bw-logs:
networks:
bw-universe:
name: bw-universe
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
bw-db:
name: bw-db
bw-docker:
name: bw-docker
```
=== "Swarm"
To forward the logs correctly to the `/var/log/bunkerweb` directory on the Swarm integration, you will need to stream the logs to a file using `syslog-ng`. Here is an example of how to do this :
```yaml
x-ui-env: &ui-env
# We anchor the environment variables to avoid duplication
SWARM_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
ports:
- published: 80
target: 8080
mode: host
protocol: tcp
- published: 443
target: 8443
mode: host
protocol: tcp
- published: 443
target: 8443
mode: host
protocol: udp # For QUIC / HTTP3 support
environment:
SWARM_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
restart: "unless-stopped"
networks:
- bw-universe
- bw-services
deploy:
mode: global
placement:
constraints:
- "node.role == worker"
labels:
- "bunkerweb.INSTANCE=yes"
logging:
driver: syslog
options:
tag: "bunkerweb" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *ui-env
BUNKERWEB_INSTANCES: ""
SERVER_NAME: ""
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "yes"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
logging:
driver: syslog
options:
tag: "bw-scheduler" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-autoconf:
image: bunkerity/bunkerweb-autoconf:1.6.0-beta
environment:
<<: *ui-env
DOCKER_HOST: "tcp://bw-docker:2375"
restart: "unless-stopped"
networks:
- bw-universe
- bw-docker
- bw-db
logging:
driver: syslog
options:
tag: "bw-autoconf" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONFIGS: "1"
CONTAINERS: "1"
SERVICES: "1"
SWARM: "1"
TASKS: "1"
LOG_LEVEL: "warning"
restart: "unless-stopped"
networks:
- bw-docker
deploy:
placement:
constraints:
- "node.role == manager"
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
<<: *ui-env
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the changeme user
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
volumes:
- bw-logs:/var/log/bunkerweb # This is the volume used to store the logs
restart: "unless-stopped"
networks:
- bw-universe
- bw-db
deploy:
labels:
- "bunkerweb.SERVER_NAME=www.example.com"
- "bunkerweb.USE_UI=yes"
- "bunkerweb.USE_REVERSE_PROXY=yes"
- "bunkerweb.REVERSE_PROXY_URL=/changeme"
- "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000"
- "bunkerweb.REVERSE_PROXY_INTERCEPT_ERRORS=no"
- "bunkerweb.INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504"
- "bunkerweb.GENERATE_SELF_SIGNED_SSL=yes"
- "bunkerweb.MAX_CLIENT_SIZE=50m"
logging:
driver: syslog
options:
tag: "bw-ui" # This will be the tag used by syslog-ng to create the log file
syslog-address: "udp://10.20.30.254:514" # This is the syslog-ng container address
bw-db:
image: mariadb:11
environment:
MYSQL_RANDOM_ROOT_PASSWORD: "yes"
MYSQL_DATABASE: "db"
MYSQL_USER: "bunkerweb"
MYSQL_PASSWORD: "changeme" # Remember to set a stronger password for the database
volumes:
- bw-db:/var/lib/mysql
networks:
- bw-db
bw-redis:
image: redis:7-alpine
networks:
- bw-universe
bw-syslog:
image: balabit/syslog-ng:4.7.1
# image: lscr.io/linuxserver/syslog-ng:4.7.1-r1-ls116 # For aarch64 architecture
volumes:
- bw-logs:/var/log/bunkerweb # This is the volume used to store the logs
- ./syslog-ng.conf:/etc/syslog-ng/syslog-ng.conf # This is the syslog-ng configuration file
networks:
bw-universe:
ipv4_address: 10.20.30.254 # Make sure to set the correct IP address
volumes:
bw-db:
bw-data:
networks:
bw-universe:
name: bw-universe
driver: overlay
attachable: true
ipam:
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
driver: overlay
attachable: true
bw-docker:
name: bw-docker
driver: overlay
attachable: true
bw-db:
name: bw-db
driver: overlay
attachable: true
```
=== "Kubernetes"
Kubernetes does not support the `syslog` logging driver. If you want to access the logs you will have to use some other way like Loki, Fluentd, or any other log management system.
=== "Linux"
For Linux this is the simplest way as the logs files are directly accessible from the filesystem.
### Syslog-ng configuration
Here is an example of a `syslog-ng.conf` file that you can use to forward the logs to a file :
```conf
@version: 4.7
# Source configuration to receive logs from Docker containers
source s_net {
udp(
ip("0.0.0.0")
);
};
# Template to format log messages
template t_imp {
template("$MSG\n");
template_escape(no);
};
# Destination configuration to write logs to dynamically named files
destination d_dyna_file {
file(
"/var/log/bunkerweb/${PROGRAM}.log"
template(t_imp)
owner("101")
group("101")
dir_owner("root")
dir_group("101")
perm(0440)
dir_perm(0770)
create_dirs(yes)
);
};
# Log path to direct logs to dynamically named files
log {
source(s_net);
destination(d_dyna_file);
};
```
## Account management
You can access the account management page by clicking on `manage account` inside the sidebar menu :
@ -881,6 +1415,10 @@ After a successful login/password combination, you will be prompted to enter you
Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &ui-env
# We anchor the environment variables to avoid duplication
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -897,11 +1435,11 @@ After a successful login/password combination, you will be prompted to enter you
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *ui-env
BUNKERWEB_INSTANCES: "bunkerweb" # Make sure to set the correct instance name
SERVER_NAME: "www.example.com"
MULTISITE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24" # We mirror the API_WHITELIST_IP from the bunkerweb service
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SERVE_FILES: "no"
DISABLE_DEFAULT_SERVER: "yes"
USE_CLIENT_CACHE: "yes"
@ -922,7 +1460,7 @@ After a successful login/password combination, you will be prompted to enter you
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
<<: *ui-env
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the changeme user
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
@ -988,6 +1526,11 @@ After a successful login/password combination, you will be prompted to enter you
Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &ui-env
# We anchor the environment variables to avoid duplication
AUTOCONF_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -1007,11 +1550,10 @@ After a successful login/password combination, you will be prompted to enter you
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *ui-env
BUNKERWEB_INSTANCES: ""
SERVER_NAME: ""
AUTOCONF_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
MULTISITE: "yes"
volumes:
- bw-data:/data # This is used to persist the cache and other data like the backups
@ -1024,8 +1566,7 @@ After a successful login/password combination, you will be prompted to enter you
depends_on:
- bw-docker
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
AUTOCONF_MODE: "yes"
<<: *ui-env
DOCKER_HOST: "tcp://bw-docker:2375"
networks:
- bw-universe
@ -1057,8 +1598,7 @@ After a successful login/password combination, you will be prompted to enter you
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
AUTOCONF_MODE: "yes"
<<: *ui-env
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the changeme user
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)
@ -1123,6 +1663,11 @@ After a successful login/password combination, you will be prompted to enter you
Here is the stack boilerplate that you can use (don't forget to edit the `changeme` data) :
```yaml
x-ui-env: &ui-env
# We anchor the environment variables to avoid duplication
SWARM_MODE: "yes"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
services:
bunkerweb:
image: bunkerity/bunkerweb:1.6.0-beta
@ -1156,11 +1701,10 @@ After a successful login/password combination, you will be prompted to enter you
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.6.0-beta
environment:
<<: *ui-env
BUNKERWEB_INSTANCES: ""
SERVER_NAME: ""
SWARM_MODE: "yes"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
MULTISITE: "yes"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
@ -1173,8 +1717,7 @@ After a successful login/password combination, you will be prompted to enter you
bw-autoconf:
image: bunkerity/bunkerweb-autoconf:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SWARM_MODE: "yes"
<<: *ui-env
DOCKER_HOST: "tcp://bw-docker:2375"
networks:
- bw-universe
@ -1219,8 +1762,7 @@ After a successful login/password combination, you will be prompted to enter you
bw-ui:
image: bunkerity/bunkerweb-ui:1.6.0-beta
environment:
DATABASE_URI: "mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db" # Remember to set a stronger password for the database
SWARM_MODE: "yes"
<<: *ui-env
ADMIN_USERNAME: "changeme"
ADMIN_PASSWORD: "changeme" # Remember to set a stronger password for the changeme user
TOTP_SECRETS: "mysecret" # Remember to set a stronger secret key (see the Prerequisites section)