diff --git a/src/common/core/order.json b/src/common/core/order.json index 00d44911e..b4d1ba5d9 100644 --- a/src/common/core/order.json +++ b/src/common/core/order.json @@ -43,7 +43,6 @@ ], "log_stream": ["badbehavior", "bunkernet"], "log_default": [ - "whitelist", "badbehavior", "bunkernet", "errors", diff --git a/src/common/core/whitelist/confs/default-server-http/whitelist.conf b/src/common/core/whitelist/confs/default-server-http/whitelist.conf index 3bbb93e56..f8db2ee65 100644 --- a/src/common/core/whitelist/confs/default-server-http/whitelist.conf +++ b/src/common/core/whitelist/confs/default-server-http/whitelist.conf @@ -1 +1,76 @@ set $is_whitelisted 'no'; + +set_by_lua_block $whitelist_default { + local ccachestore = require "bunkerweb.cachestore" + local cdatastore = require "bunkerweb.datastore" + local clogger = require "bunkerweb.logger" + local utils = require "bunkerweb.utils" + + local ngx = ngx + local ngx_var = ngx.var + local ERR = ngx.ERR + local NOTICE = ngx.NOTICE + local get_variable = utils.get_variable + local cachestore = ccachestore:new(false) + local datastore = cdatastore:new() + local logger = clogger:new("WHITELIST-DEFAULT") + + + local checks = { + ["IP"] = "ip" .. ngx_var.remote_addr, + } + if ngx_var.http_user_agent then + checks["UA"] = "ua" .. ngx_var.http_user_agent + end + if ngx_var.uri then + checks["URI"] = "uri" .. ngx_var.uri + end + + local multisite, err = get_variable("MULTISITE", false) + if not multisite then + logger:log(ERR, "can't get MULTISITE variable : " .. err) + return "error" + end + if multisite == "no" then + local domains, err = get_variable("SERVER_NAME", false) + if not domains then + logger:log(ERR, "can't get SERVER_NAME variable : " .. err) + return "error" + end + if domains == "" then + return "ok" + end + local domain = domains:gmatch("%S+")() + for k, v in pairs(checks) do + local ok, data = cachestore:get("plugin_whitelist_" .. domain .. v) + if not ok and data then + logger:log(ERR, "error while checking cachestore : " .. data) + elseif ok and data ~= nil and data ~= "ok" then + logger:log(NOTICE, "whitelisting on default server (original server = " .. domain .. " and data = " .. data .. ")") + ngx_var.is_whitelisted = "yes" + return "ok" + end + end + else + local variables, err = datastore:get("variables", true) + if not variables then + logger:log(ERR, "can't get variables : " .. err) + return "error" + end + for server_name, server_vars in pairs(variables) do + local domains = server_vars["SERVER_NAME"] + local domain = domains:gmatch("%S+")() + for k, v in pairs(checks) do + local ok, data = cachestore:get("plugin_whitelist_" .. domain .. v) + if not ok and data then + logger:log(ERR, "error while checking cachestore : " .. data) + elseif ok and data ~= nil and data ~= "ok" then + logger:log(NOTICE, "whitelisting on default server (original server = " .. domain .. " and data = " .. data .. ")") + ngx_var.is_whitelisted = "yes" + return "ok" + end + end + end + end + return "ok" +} \ No newline at end of file diff --git a/src/common/core/whitelist/whitelist.lua b/src/common/core/whitelist/whitelist.lua index 3e316d69f..880c27de0 100644 --- a/src/common/core/whitelist/whitelist.lua +++ b/src/common/core/whitelist/whitelist.lua @@ -170,10 +170,6 @@ function whitelist:preread() return self:access() end -function whitelist:log_default() - return self:access() -end - function whitelist:kind_to_ele(kind) if kind == "IP" then return "ip" .. self.ctx.bw.remote_addr diff --git a/tests/ui/tests.sh b/tests/ui/tests.sh index 3789751ac..97cbe800b 100755 --- a/tests/ui/tests.sh +++ b/tests/ui/tests.sh @@ -156,7 +156,6 @@ if [ "$integration" == "docker" ] ; then fi docker-compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from ui-tests - rm -f .env else python3 "$test" fi @@ -164,6 +163,7 @@ fi # shellcheck disable=SC2181 if [ $? -ne 0 ] ; then if [ "$integration" == "docker" ] ; then + rm -f .env docker compose logs else echo "🛡️ Showing BunkerWeb journal logs ..."