From 8b54073a7e42ffc0dab60578a0486a640f4f8469 Mon Sep 17 00:00:00 2001 From: florian Date: Tue, 4 Apr 2023 22:50:55 +0200 Subject: [PATCH] fix missing backslashes in autoconf custom configs and add missing full reload after custom configs update --- .github/workflows/staging.yml | 44 +++++++++---------- examples/drupal/setup-swarm.sh | 2 +- examples/gogs/setup-swarm.sh | 2 +- examples/magento/setup-swarm.sh | 2 +- .../{www.example.com => }/mongo-express.conf | 0 examples/mongo-express/setup-swarm.sh | 2 +- examples/nextcloud/setup-swarm.sh | 4 +- .../reverse-proxy-singlesite/setup-swarm.sh | 2 +- examples/wordpress/setup-swarm.sh | 2 +- src/common/db/Database.py | 10 ++++- src/scheduler/main.py | 21 ++++----- 11 files changed, 49 insertions(+), 42 deletions(-) rename examples/mongo-express/bw-data/configs/modsec/{www.example.com => }/mongo-express.conf (100%) diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml index eab4cc471..2b200c6b6 100644 --- a/.github/workflows/staging.yml +++ b/.github/workflows/staging.yml @@ -124,13 +124,13 @@ jobs: category: "/language:${{matrix.language}}" # Create infrastructures - # create-infra-docker: - # needs: [code-security, build-bw, build-scheduler] - # uses: ./.github/workflows/staging-create-infra.yml - # with: - # TYPE: docker - # secrets: - # CICD_SECRETS: ${{ secrets.CICD_SECRETS }} + create-infra-docker: + needs: [code-security, build-bw, build-scheduler] + uses: ./.github/workflows/staging-create-infra.yml + with: + TYPE: docker + secrets: + CICD_SECRETS: ${{ secrets.CICD_SECRETS }} # create-infra-autoconf: # needs: [code-security, build-bw, build-scheduler, build-autoconf] # uses: ./.github/workflows/staging-create-infra.yml @@ -170,13 +170,13 @@ jobs: # CICD_SECRETS: ${{ secrets.CICD_SECRETS }} # Perform tests - # tests-docker: - # needs: [create-infra-docker] - # uses: ./.github/workflows/staging-tests.yml - # with: - # TYPE: docker - # RUNS_ON: "['self-hosted', 'bw-docker']" - # secrets: inherit + tests-docker: + needs: [create-infra-docker] + uses: ./.github/workflows/staging-tests.yml + with: + TYPE: docker + RUNS_ON: "['self-hosted', 'bw-docker']" + secrets: inherit # tests-autoconf: # needs: [create-infra-autoconf] # uses: ./.github/workflows/staging-tests.yml @@ -215,14 +215,14 @@ jobs: # PRIVATE_REGISTRY_TOKEN: ${{ secrets.PRIVATE_REGISTRY_TOKEN }} # Delete infrastructures - # delete-infra-docker: - # if: ${{ always() }} - # needs: [tests-docker] - # uses: ./.github/workflows/staging-delete-infra.yml - # with: - # TYPE: docker - # secrets: - # CICD_SECRETS: ${{ secrets.CICD_SECRETS }} + delete-infra-docker: + if: ${{ always() }} + needs: [tests-docker] + uses: ./.github/workflows/staging-delete-infra.yml + with: + TYPE: docker + secrets: + CICD_SECRETS: ${{ secrets.CICD_SECRETS }} # delete-infra-autoconf: # if: ${{ always() }} # needs: [tests-autoconf] diff --git a/examples/drupal/setup-swarm.sh b/examples/drupal/setup-swarm.sh index 06027f6e4..063f6d72a 100755 --- a/examples/drupal/setup-swarm.sh +++ b/examples/drupal/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_drupal_modsec_crs # create configs -docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs cfg_drupal_modsec_crs -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec-crs/drupal.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_drupal_modsec_crs ./bw-data/configs/modsec-crs/drupal.conf \ No newline at end of file diff --git a/examples/gogs/setup-swarm.sh b/examples/gogs/setup-swarm.sh index 1ab578c66..6bcabb2c7 100755 --- a/examples/gogs/setup-swarm.sh +++ b/examples/gogs/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_gogs_modsec_crs # create configs -docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs cfg_gogs_modsec_crs -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec-crs/gogs.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_gogs_modsec_crs ./bw-data/configs/modsec-crs/gogs.conf \ No newline at end of file diff --git a/examples/magento/setup-swarm.sh b/examples/magento/setup-swarm.sh index 1bf055946..d2aa8961b 100755 --- a/examples/magento/setup-swarm.sh +++ b/examples/magento/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_magento_server_http # create configs -docker config create -l bunkerweb.CONFIG_TYPE=server-http cfg_magento_server_http -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/server-http/buffering.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=server-http -l bunkerweb.CONFIG_SITE=www.example.com cfg_magento_server_http ./bw-data/configs/server-http/buffering.conf \ No newline at end of file diff --git a/examples/mongo-express/bw-data/configs/modsec/www.example.com/mongo-express.conf b/examples/mongo-express/bw-data/configs/modsec/mongo-express.conf similarity index 100% rename from examples/mongo-express/bw-data/configs/modsec/www.example.com/mongo-express.conf rename to examples/mongo-express/bw-data/configs/modsec/mongo-express.conf diff --git a/examples/mongo-express/setup-swarm.sh b/examples/mongo-express/setup-swarm.sh index f11ae1e9d..1b62e7ac4 100755 --- a/examples/mongo-express/setup-swarm.sh +++ b/examples/mongo-express/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_me_modsec # create configs -docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_me_modsec ./bw-data/configs/modsec/www.example.com/mongo-express.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_me_modsec ./bw-data/configs/modsec/mongo-express.conf \ No newline at end of file diff --git a/examples/nextcloud/setup-swarm.sh b/examples/nextcloud/setup-swarm.sh index ea24da443..bfe39b83c 100755 --- a/examples/nextcloud/setup-swarm.sh +++ b/examples/nextcloud/setup-swarm.sh @@ -11,5 +11,5 @@ docker config rm cfg_nextcloud_modsec docker config rm cfg_nextcloud_modsec_crs # create configs -docker config create -l bunkerweb.CONFIG_TYPE=modsec cfg_nextcloud_modsec -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec/nextcloud.conf -docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs cfg_nextcloud_modsec_crs -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec-crs/nextcloud.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_nextcloud_modsec ./bw-data/configs/modsec/nextcloud.conf +docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_nextcloud_modsec_crs ./bw-data/configs/modsec-crs/nextcloud.conf \ No newline at end of file diff --git a/examples/reverse-proxy-singlesite/setup-swarm.sh b/examples/reverse-proxy-singlesite/setup-swarm.sh index 9bd6a063b..5325c2785 100755 --- a/examples/reverse-proxy-singlesite/setup-swarm.sh +++ b/examples/reverse-proxy-singlesite/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_reverse_server_http # create configs -docker config create -l bunkerweb.CONFIG_TYPE=server-http cfg_reverse_server_http -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/server-http/redirects.conf +docker config create -l bunkerweb.CONFIG_TYPE=server-http -l bunkerweb.CONFIG_SITE=www.example.com cfg_reverse_server_http ./bw-data/configs/server-http/redirects.conf diff --git a/examples/wordpress/setup-swarm.sh b/examples/wordpress/setup-swarm.sh index a66c606b6..2b8c3a480 100755 --- a/examples/wordpress/setup-swarm.sh +++ b/examples/wordpress/setup-swarm.sh @@ -10,4 +10,4 @@ docker config rm cfg_wordpress_modsec_crs # create configs -docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs cfg_wordpress_modsec_crs -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec-crs/wordpress.conf \ No newline at end of file +docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_wordpress_modsec_crs ./bw-data/configs/modsec-crs/wordpress.conf \ No newline at end of file diff --git a/src/common/db/Database.py b/src/common/db/Database.py index d1fdeb22e..1fc26dfed 100644 --- a/src/common/db/Database.py +++ b/src/common/db/Database.py @@ -621,10 +621,16 @@ class Database: to_put = [] endl = "\n" for custom_config in custom_configs: + # config = { + # "data": custom_config["value"].replace("\\\n", "\n").encode("utf-8") + # if isinstance(custom_config["value"], str) + # else custom_config["value"].replace(b"\\\n", b"\n"), + # "method": method, + # } config = { - "data": custom_config["value"].replace("\\\n", "\n").encode("utf-8") + "data": custom_config["value"].encode("utf-8") if isinstance(custom_config["value"], str) - else custom_config["value"].replace(b"\\\n", b"\n"), + else custom_config["value"], "method": method, } config["checksum"] = sha256(config["data"]).hexdigest() diff --git a/src/scheduler/main.py b/src/scheduler/main.py index 33ceed560..6ca2bc4dd 100644 --- a/src/scheduler/main.py +++ b/src/scheduler/main.py @@ -214,12 +214,12 @@ if __name__ == "__main__": "Kubernetes", "Autoconf", ): - err = db.set_autoconf_load(False) - if err: - success = False - logger.error( - f"Can't set autoconf loaded metadata to false in database: {err}", - ) + # err = db.set_autoconf_load(False) + # if err: + # success = False + # logger.error( + # f"Can't set autoconf loaded metadata to false in database: {err}", + # ) while not db.is_autoconf_loaded(): logger.warning( @@ -481,10 +481,11 @@ if __name__ == "__main__": f"Error while reloading nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8')}", ) else: - if api_caller._send_to_apis("POST", "/reload"): - logger.info("Successfuly reloaded nginx") - else: - logger.error("Error while reloading nginx") + need_reload = True + # if api_caller._send_to_apis("POST", "/reload"): + # logger.info("Successfuly reloaded nginx") + # else: + # logger.error("Error while reloading nginx") # check if the plugins have changed since last time tmp_external_plugins = db.get_plugins(external=True)