diff --git a/CHANGELOG.md b/CHANGELOG.md index 6dc2e382c..fd9913828 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,25 @@ # Changelog -## v1.4.6 +## v1.4.8 - 2023/04/05 + +- Fix UI bug related to multiple settings +- Increase check reload interval in UI to avoid rate limit +- Fix Let's Encrypt error when using auth basic +- Fix wrong setting name in realip job (again) +- Fix blog posts retrieval in the UI +- Fix missing logs for UI +- Fix error log if BunkerNet ip list is empty +- Updated python dependencies +- Gunicorn will now show the logs in the console for the UI +- BunkerNet job will now create the ip list file at the beginning of the job to avoid errors + +## v1.4.7 - 2023/02/27 + +- Fix DISABLE_DEFAULT_SERVER=yes not working with HTTPS (again) +- Fix wrong setting name in realip job +- Fix whitelisting not working with modsecurity + +## v1.4.6 - 2023/02/14 - Fix error in the UI when a service have multiple domains - Fix bwcli bans command @@ -186,4 +205,4 @@ - Fix default value for CONTENT_SECURITY_POLICY to allow file downloads - Add ROOT_SITE_SUBFOLDER environment variable -## TODO - retrospective changelog +## TODO - retrospective changelog \ No newline at end of file diff --git a/README.md b/README.md index 13e402c19..57e626703 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,7 @@

- + diff --git a/docs/backup-new-integrations.md b/docs/backup-new-integrations.md index f8378c6c6..fbb0b039f 100644 --- a/docs/backup-new-integrations.md +++ b/docs/backup-new-integrations.md @@ -17,13 +17,13 @@ sudo dnf install nginx-1.20.2 ``` - And finally install BunkerWeb 1.4.6 : + And finally install BunkerWeb 1.5.0-beta : ```shell wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm && \ rpm -Uvh epel-release*rpm && \ curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \ sudo dnf check-update && \ - sudo dnf install -y bunkerweb-1.4.6 + sudo dnf install -y bunkerweb-1.5.0-beta ``` To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : @@ -96,7 +96,7 @@ vagrant ssh python3 -m http.server -b 127.0.0.1 ``` - Configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file. + Configuration of BunkerWeb is done by editing the `/opt/bunkerweb/variables.env` file. Connect to your vagrant machine : ```shell @@ -159,7 +159,7 @@ vagrant ssh vagrant ssh ``` - Configuration of BunkerWeb is done by editing the /etc/bunkerweb/variables.env file : + Configuration of BunkerWeb is done by editing the /opt/bunkerweb/variables.env file : ```conf SERVER_NAME=app1.example.com app2.example.com app3.example.com HTTP_PORT=80 @@ -190,7 +190,7 @@ vagrant ssh === "Vagrant" - You will need to add the settings to the `/etc/bunkerweb/variables.env` file : + You will need to add the settings to the `/opt/bunkerweb/variables.env` file : ```conf ... @@ -204,7 +204,7 @@ vagrant ssh === "Vagrant" - You will need to add the settings to the `/etc/bunkerweb/variables.env` file : + You will need to add the settings to the `/opt/bunkerweb/variables.env` file : ```conf ... @@ -219,7 +219,7 @@ vagrant ssh === "Vagrant" - When using the [Vagrant integration](/1.4/integrations/#vagrant), custom configurations must be written to the `/etc/bunkerweb/configs` folder. + When using the [Vagrant integration](/1.4/integrations/#vagrant), custom configurations must be written to the `/opt/bunkerweb/configs` folder. Here is an example for server-http/hello-world.conf : ```conf @@ -233,8 +233,8 @@ vagrant ssh Because BunkerWeb runs as an unprivileged user (nginx:nginx), you will need to edit the permissions : ```shell - chown -R root:nginx /etc/bunkerweb/configs && \ - chmod -R 770 /etc/bunkerweb/configs + chown -R root:nginx /opt/bunkerweb/configs && \ + chmod -R 770 /opt/bunkerweb/configs ``` Don't forget to restart the BunkerWeb service once it's done. @@ -243,9 +243,9 @@ vagrant ssh We will assume that you already have the [Vagrant integration](/1.4/integrations/#vagrant) stack running on your machine. - By default, BunkerWeb will search for web files inside the `/var/www/html` folder. You can use it to store your PHP application. Please note that you will need to configure your PHP-FPM service to get or set the user/group of the running processes and the UNIX socket file used to communicate with BunkerWeb. + By default, BunkerWeb will search for web files inside the `/opt/bunkerweb/www` folder. You can use it to store your PHP application. Please note that you will need to configure your PHP-FPM service to get or set the user/group of the running processes and the UNIX socket file used to communicate with BunkerWeb. - First of all, you will need to make sure that your PHP-FPM instance can access the files inside the `/var/www/html` folder and also that BunkerWeb can access the UNIX socket file in order to communicate with PHP-FPM. We recommend to set a different user like `www-data` for the PHP-FPM service and to give the nginx group access to the UNIX socket file. Here is corresponding PHP-FPM configuration : + First of all, you will need to make sure that your PHP-FPM instance can access the files inside the `/opt/bunkerweb/www` folder and also that BunkerWeb can access the UNIX socket file in order to communicate with PHP-FPM. We recommend to set a different user like `www-data` for the PHP-FPM service and to give the nginx group access to the UNIX socket file. Here is corresponding PHP-FPM configuration : ```ini ... [www] @@ -263,14 +263,14 @@ vagrant ssh systemctl restart php8.1-fpm ``` - Once your application is copied to the `/var/www/html` folder, you will need to fix the permissions so BunkerWeb (user/group nginx) can at least read files and list folders and PHP-FPM (user/group www-data) is the owner of the files and folders : + Once your application is copied to the `/opt/bunkerweb/www` folder, you will need to fix the permissions so BunkerWeb (user/group nginx) can at least read files and list folders and PHP-FPM (user/group www-data) is the owner of the files and folders : ```shell - chown -R www-data:nginx /var/www/html && \ - find /var/www/html -type f -exec chmod 0640 {} \; && \ - find /var/www/html -type d -exec chmod 0750 {} \; + chown -R www-data:nginx /opt/bunkerweb/www && \ + find /opt/bunkerweb/www -type f -exec chmod 0640 {} \; && \ + find /opt/bunkerweb/www -type d -exec chmod 0750 {} \; ``` - You can now edit the `/etc/bunkerweb/variable.env` file : + You can now edit the `/opt/bunkerweb/variable.env` file : ```env HTTP_PORT=80 HTTPS_PORT=443 @@ -278,7 +278,7 @@ vagrant ssh SERVER_NAME=www.example.com AUTO_LETS_ENCRYPT=yes LOCAL_PHP=/run/php/php-fpm.sock - LOCAL_PHP_PATH=/var/www/html/ + LOCAL_PHP_PATH=/opt/bunkerweb/www/ ``` Let's check the status of BunkerWeb : @@ -299,9 +299,9 @@ vagrant ssh We will assume that you already have the [Vagrant integration](/1.4/integrations/#vagrant) stack running on your machine. - By default, BunkerWeb will search for web files inside the `/var/www/html` folder. You can use it to store your PHP applications : each application will be in its own subfolder named the same as the primary server name. Please note that you will need to configure your PHP-FPM service to get or set the user/group of the running processes and the UNIX socket file used to communicate with BunkerWeb. + By default, BunkerWeb will search for web files inside the `/opt/bunkerweb/www` folder. You can use it to store your PHP applications : each application will be in its own subfolder named the same as the primary server name. Please note that you will need to configure your PHP-FPM service to get or set the user/group of the running processes and the UNIX socket file used to communicate with BunkerWeb. - First of all, you will need to make sure that your PHP-FPM instance can access the files inside the `/var/www/html` folder and also that BunkerWeb can access the UNIX socket file in order to communicate with PHP-FPM. We recommend to set a different user like `www-data` for the PHP-FPM service and to give the nginx group access to the UNIX socket file. Here is corresponding PHP-FPM configuration : + First of all, you will need to make sure that your PHP-FPM instance can access the files inside the `/opt/bunkerweb/www` folder and also that BunkerWeb can access the UNIX socket file in order to communicate with PHP-FPM. We recommend to set a different user like `www-data` for the PHP-FPM service and to give the nginx group access to the UNIX socket file. Here is corresponding PHP-FPM configuration : ```ini ... [www] @@ -319,14 +319,14 @@ vagrant ssh systemctl restart php8.1-fpm ``` - Once your application is copied to the `/var/www/html` folder, you will need to fix the permissions so BunkerWeb (user/group nginx) can at least read files and list folders and PHP-FPM (user/group www-data) is the owner of the files and folders : + Once your application is copied to the `/opt/bunkerweb/www` folder, you will need to fix the permissions so BunkerWeb (user/group nginx) can at least read files and list folders and PHP-FPM (user/group www-data) is the owner of the files and folders : ```shell - chown -R www-data:nginx /var/www/html && \ - find /var/www/html -type f -exec chmod 0640 {} \; && \ - find /var/www/html -type d -exec chmod 0750 {} \; + chown -R www-data:nginx /opt/bunkerweb/www && \ + find /opt/bunkerweb/www -type f -exec chmod 0640 {} \; && \ + find /opt/bunkerweb/www -type d -exec chmod 0750 {} \; ``` - You can now edit the `/etc/bunkerweb/variable.env` file : + You can now edit the `/opt/bunkerweb/variable.env` file : ```env HTTP_PORT=80 HTTPS_PORT=443 @@ -335,11 +335,11 @@ vagrant ssh MULTISITE=yes AUTO_LETS_ENCRYPT=yes app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app1.example.com_LOCAL_PHP_PATH=/var/www/html/app1.example.com + app1.example.com_LOCAL_PHP_PATH=/opt/bunkerweb/www/app1.example.com app2.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app2.example.com_LOCAL_PHP_PATH=/var/www/html/app2.example.com + app2.example.com_LOCAL_PHP_PATH=/opt/bunkerweb/www/app2.example.com app3.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com + app3.example.com_LOCAL_PHP_PATH=/opt/bunkerweb/www/app3.example.com ``` Let's check the status of BunkerWeb : @@ -360,7 +360,7 @@ vagrant ssh === "Vagrant" - When using the [Linux integration](/1.4/integrations/#linux), plugins must be written to the `/etc/bunkerweb/plugins` folder : + When using the [Linux integration](/1.4/integrations/#linux), plugins must be written to the `/opt/bunkerweb/plugins` folder : ```shell git clone https://github.com/bunkerity/bunkerweb-plugins && \ cp -rp ./bunkerweb-plugins/* /data/plugins @@ -372,7 +372,7 @@ vagrant ssh The installation of the web UI using the [Vagrant integration](/1.4/integrations/#vagrant) is pretty straightforward because it is installed with BunkerWeb. - The first thing to do is to edit the BunkerWeb configuration located at **/etc/bunkerweb/variables.env** to add settings related to the web UI : + The first thing to do is to edit the BunkerWeb configuration located at **/opt/bunkerweb/variables.env** to add settings related to the web UI : ```conf HTTP_PORT=80 HTTPS_PORT=443 @@ -401,7 +401,7 @@ vagrant ssh systemctl restart bunkerweb ``` - You can edit the **/etc/bunkerweb/ui.env** file containing the settings of the web UI : + You can edit the **/opt/bunkerweb/ui.env** file containing the settings of the web UI : ```conf ADMIN_USERNAME=admin ADMIN_PASSWORD=changeme @@ -410,7 +410,7 @@ vagrant ssh Important things to note : - * `http(s)://bwadmin.example.com/changeme/` is the full base URL of the web UI (must match the sub(domain) and /changeme URL used in **/etc/bunkerweb/variables.env**) + * `http(s)://bwadmin.example.com/changeme/` is the full base URL of the web UI (must match the sub(domain) and /changeme URL used in **/opt/bunkerweb/variables.env**) * replace the username `admin` and password `changeme` with strong ones Restart the BunkerWeb UI service and you are now ready to access it : diff --git a/docs/integrations.md b/docs/integrations.md index 034c9cd7a..a2eeb5720 100644 --- a/docs/integrations.md +++ b/docs/integrations.md @@ -12,7 +12,7 @@ Using BunkerWeb as a [Docker](https://www.docker.com/) container is a quick and We provide ready-to-use prebuilt images for x64, x86 armv8 and armv7 architectures on [Docker Hub](https://hub.docker.com/r/bunkerity/bunkerweb) : ```shell -docker pull bunkerity/bunkerweb:1.4.6 +docker pull bunkerity/bunkerweb:1.5.0-beta ``` Alternatively, you can build the Docker images directly from the [source](https://github.com/bunkerity/bunkerweb) (and get a coffee ☕ because it may take a long time depending on your hardware) : @@ -39,7 +39,7 @@ docker run \ -e MY_SETTING=value \ -e "MY_OTHER_SETTING=value with spaces" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -48,7 +48,7 @@ Here is the docker-compose equivalent : ... services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta environment: - MY_SETTING=value ``` @@ -73,7 +73,7 @@ docker run \ ... -v bw_data:/data \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -82,7 +82,7 @@ Here is the docker-compose equivalent : ... services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta volumes: - bw_data:/data ... @@ -152,7 +152,7 @@ docker run \ ... --network mynetwork \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` You will also need to do the same with your web application(s). Please note that the other containers are accessible using their name as the hostname. @@ -163,7 +163,7 @@ Here is the docker-compose equivalent : ... services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta networks: - bw-net ... @@ -218,7 +218,7 @@ docker run \ -e SERVER_NAME= \ -e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \ -l bunkerweb.AUTOCONF \ - bunkerity/bunkerweb:1.4.6 && \ + bunkerity/bunkerweb:1.5.0-beta && \ docker network connect bw-services mybunker ``` @@ -235,7 +235,7 @@ docker run \ --network bw-autoconf \ -v bw-data:/data \ -v /var/run/docker.sock:/var/run/docker.sock:ro \ - bunkerity/bunkerweb-autoconf:1.4.6 + bunkerity/bunkerweb-autoconf:1.5.0-beta ``` Here is the docker-compose equivalent for the BunkerWeb autoconf stack : @@ -246,7 +246,7 @@ version: '3.5' services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -262,7 +262,7 @@ services: - bw-services myautoconf: - image: bunkerity/bunkerweb-autoconf:1.4.6 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta volumes: - bw-data:/data - /var/run/docker.sock:/var/run/docker.sock:ro @@ -364,7 +364,7 @@ docker service create \ -e MULTISITE=yes \ -e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \ -l bunkerweb.AUTOCONF \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` And the autoconf one : @@ -378,7 +378,7 @@ docker service \ --mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock,ro \ --mount type=volume,source=bw-data,destination=/data \ -e SWARM_MODE=yes \ - bunkerity/bunkerweb-autoconf:1.4.6 + bunkerity/bunkerweb-autoconf:1.5.0-beta ``` Here is the docker-compose equivalent (using `docker stack deploy`) : @@ -389,7 +389,7 @@ version: '3.5' services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -416,7 +416,7 @@ services: - "bunkerweb.AUTOCONF" myautoconf: - image: bunkerity/bunkerweb-autoconf:1.4.6 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes volumes: @@ -580,7 +580,7 @@ spec: livenessProbe: exec: command: - - /usr/share/bunkerweb/helpers/healthcheck.sh + - /opt/bunkerweb/helpers/healthcheck.sh initialDelaySeconds: 30 periodSeconds: 5 timeoutSeconds: 1 @@ -588,7 +588,7 @@ spec: readinessProbe: exec: command: - - /usr/share/bunkerweb/helpers/healthcheck.sh + - /opt/bunkerweb/helpers/healthcheck.sh initialDelaySeconds: 30 periodSeconds: 1 timeoutSeconds: 1 @@ -706,11 +706,11 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt sudo apt install -y nginx=1.20.2-1~$(lsb_release -cs) ``` - And finally install BunkerWeb 1.4.6 : + And finally install BunkerWeb 1.5.0-beta : ```shell curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ sudo apt update && \ - sudo apt install -y bunkerweb=1.4.6 + sudo apt install -y bunkerweb=1.5.0-beta ``` To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : @@ -736,11 +736,11 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt sudo apt install -y nginx=1.20.2-1~jammy ``` - And finally install BunkerWeb 1.4.6 : + And finally install BunkerWeb 1.5.0-beta : ```shell curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ sudo apt update && \ - sudo apt install -y bunkerweb=1.4.6 + sudo apt install -y bunkerweb=1.5.0-beta ``` To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : @@ -755,20 +755,20 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt sudo dnf install -y nginx-1.20.2 ``` - And finally install BunkerWeb 1.4.6 : - ```shell - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \ - sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \ - sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \ - sudo dnf makecache && \ - sudo dnf install -y bunkerweb-1.4.6 - ``` + And finally install BunkerWeb 1.5.0-beta : + ```shell + curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \ + sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \ + sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \ + sudo dnf makecache && \ + sudo dnf install -y bunkerweb-1.5.0-beta + ``` To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : - ```shell - sudo dnf versionlock add nginx && \ - sudo dnf versionlock add bunkerweb - ``` + ```shell + sudo dnf versionlock add nginx && \ + sudo dnf versionlock add bunkerweb + ``` === "CentOS Stream" @@ -788,59 +788,12 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt sudo dnf install nginx-1.20.2 ``` - And finally install BunkerWeb 1.4.6 : + And finally install BunkerWeb 1.5.0-beta : ```shell dnf install -y epel-release && \ curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \ sudo dnf check-update && \ - sudo dnf install -y bunkerweb-1.4.6 - ``` - - To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : - ```shell - sudo dnf versionlock add nginx && \ - sudo dnf versionlock add bunkerweb - ``` - -=== "Redhat" - - The first step is to add CentOS official repository. Create the following file at `/etc/yum.repos.d/centos.repo` : - ```conf - [centos] - name=CentOS-$releasever - Base - baseurl=http://mirror.centos.org/centos/$releasever/BaseOS/$basearch/os/ - gpgcheck=1 - enabled=1 - gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial - ``` - - The import the official GPG key of CentOS : - ```shell - rpm --import https://www.centos.org/keys/RPM-GPG-KEY-CentOS-Official - ``` - - Go to NGINX 1.20.2 by first adding the official NGINX repository. Create the following file at /etc/yum.repos.d/nginx.repo : - ```conf - [nginx-stable] - name=nginx stable repo - baseurl=http://nginx.org/packages/rhel/$releasever/$basearch/ - gpgcheck=1 - enabled=1 - gpgkey=https://nginx.org/keys/nginx_signing.key - module_hotfixes=true - ``` - - You should now be able to install NGINX 1.20.2 : - ```shell - sudo dnf install nginx-1.20.2-1.el8.ngx.x86_64 - ``` - - And finally install BunkerWeb 1.4.6 : - ```shell - dnf install -y epel-release && \ - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \ - sudo dnf check-update && \ - sudo dnf install -y bunkerweb-1.4.6 + sudo dnf install -y bunkerweb-1.5.0-beta ``` To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : @@ -853,9 +806,9 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt The first step is to install NGINX 1.20.2 using the repository of your choice or by [compiling it from source](https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#compiling-and-installing-from-source). - The target installation folder of BunkerWeb is located at `/usr/share/bunkerweb`, let's create it : + The target installation folder of BunkerWeb is located at `/opt/bunkerweb`, let's create it : ```shell - mkdir /usr/share/bunkerweb + mkdir /opt/bunkerweb ``` You can now clone the BunkerWeb project to the `/tmp` folder : @@ -863,43 +816,40 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt https://github.com/bunkerity/bunkerweb.git /tmp/bunkerweb ``` - BunkerWeb needs some dependencies to be compiled and installed to `/usr/share/bunkerweb/deps`, the easiest way to do it is by executing the [install.sh helper script](https://github.com/bunkerity/bunkerweb/blob/master/deps/install.sh) (please note that you will need to install additional packages which is not covered in this procedure and depends on your own system) : + BunkerWeb needs some dependencies to be compiled and installed to `/opt/bunkerweb/deps`, the easiest way to do it is by executing the [install.sh helper script](https://github.com/bunkerity/bunkerweb/blob/master/deps/install.sh) (please note that you will need to install additional packages which is not covered in this procedure and depends on your own system) : ``` - mkdir /usr/share/bunkerweb/deps && \ + mkdir /opt/bunkerweb/deps && \ /tmp/bunkerweb/deps/install.sh ``` - - Additional Python dependencies needs to be installed into the `/usr/share/bunkerweb/deps/python` folder : + + Additional Python dependencies needs to be installed into the `/opt/bunkerweb/deps/python` folder : ```shell - mkdir -p /usr/share/bunkerweb/deps/python && \ - cat src/scheduler/requirements.txt src/ui/requirements.txt src/common/gen/requirements.txt src/common/db/requirements.txt > /tmp/bunkerweb/deps/requirements.txt && \ - pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ + mkdir /opt/bunkerweb/deps/python && \ + pip install --no-cache-dir --require-hashes --target /opt/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ + pip install --no-cache-dir --target /opt/bunkerweb/deps/python -r /tmp/bunkerweb/ui/requirements.txt ``` - Once dependencies are installed, you will be able to copy the BunkerWeb sources to the target `/usr/share/bunkerweb` folder : + Once dependencies are installed, you will be able to copy the BunkerWeb sources to the target `/opt/bunkerweb` folder : ```shell for src in api cli confs core gen helpers job lua misc utils ui settings.json VERSION linux/variables.env linux/ui.env linux/scripts ; do - cp -r /tmp/bunkerweb/${src} /usr/share/bunkerweb + cp -r /tmp/bunkerweb/${src} /opt/bunkerweb done - cp /usr/share/bunkerweb/helpers/bwcli /usr/bin + cp /opt/bunkerweb/helpers/bwcli /usr/local/bin ``` Additional folders also need to be created : ```shell - mkdir -p /etc/bunkerweb/configs && \ - mkdir -p /var/cache/bunkerweb && \ - mkdir -p /etc/bunkerweb/plugins && \ - mkdir -p /var/tmp/bunkerweb + mkdir /opt/bunkerweb/{configs,cache,plugins,tmp} ``` Permissions needs to be fixed : ```shell - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \ - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \ - find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ - chmod 770 /var/cache/bunkerweb /var/tmp/bunkerweb && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/scripts/*.sh /usr/bin/bwcli /usr/share/bunkerweb/ui/main.py && \ - chown -R root:nginx /usr/share/bunkerweb + find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \ + find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \ + find /opt/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ + chmod 770 /opt/bunkerweb/cache /opt/bunkerweb/tmp && \ + chmod 750 /opt/bunkerweb/gen/main.py /opt/bunkerweb/job/main.py /opt/bunkerweb/cli/main.py /opt/bunkerweb/helpers/*.sh /opt/bunkerweb/scripts/*.sh /usr/local/bin/bwcli /opt/bunkerweb/ui/main.py && \ + chown -R root:nginx /opt/bunkerweb ``` Last but not least, you will need to set up systemd unit files : @@ -912,7 +862,7 @@ Repositories of Linux packages for BunkerWeb are available on [PackageCloud](htt systemctl enable bunkerweb-ui ``` -The configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file : +The configuration of BunkerWeb is done by editing the `/opt/bunkerweb/variables.env` file : ```conf MY_SETTING_1=value1 @@ -978,7 +928,7 @@ Configuration of BunkerWeb is done by using specific role variables : | Name | Type | Description | Default value | |:-----:|:-----:|--------------|----------------| -| `bunkerweb_version` | string | Version of BunkerWeb to install. | `1.4.6` | +| `bunkerweb_version` | string | Version of BunkerWeb to install. | `1.5.0-beta` | | `nginx_version` | string | Version of NGINX to install. | `1.20.2` | | `freeze_versions` | boolean | Prevent upgrade of BunkerWeb and NGINX when performing packages upgrades. | `true` | | `variables_env` | string | Path of the variables.env file to configure BunkerWeb. | `files/variables.env` | @@ -988,93 +938,4 @@ Configuration of BunkerWeb is done by using specific role variables : | `custom_www` | string | Path of the www directory to upload. | empty value | | `custom_plugins` | string | Path of the plugins directory to upload. | empty value | | `custom_www_owner` | string | Default owner for www files and folders. | `nginx` | -| `custom_www_group` | string | Default group for www files and folders. | `nginx` | - -## Vagrant - -

- ![Overwiew](assets/img/integration-vagrant.svg){ align=center } -
BunkerWeb integration with Vagrant
-
- -List of supported providers : - -- vmware_desktop -- virtualbox -- libvirt - -**_Note on Supported Base Images_** - -Please be aware that the provided Vagrant boxes are based **exclusively on Ubuntu 22.04 "Jammy"**. While BunkerWeb supports other Linux distributions, the Vagrant setup currently only supports Ubuntu 22.04 as the base operating system. This ensures a consistent and reliable environment for users who want to deploy BunkerWeb using Vagrant. - -Similar to other BunkerWeb integrations, the Vagrant setup uses **NGINX version 1.20.2**. This specific version is required to ensure compatibility and smooth functioning with BunkerWeb. Additionally, the Vagrant box includes **PHP** pre-installed, providing a ready-to-use environment for hosting PHP-based applications alongside BunkerWeb. - -By using the provided Vagrant box based on Ubuntu 22.04 "Jammy", you benefit from a well-configured and integrated setup, allowing you to focus on developing and securing your applications with BunkerWeb without worrying about the underlying infrastructure. - -Here are the steps to install BunkerWeb using Vagrant on Ubuntu with the supported virtualization providers (VirtualBox, VMware, and libvirt): - - -1. Make sure you have Vagrant and one of the supported virtualization providers (VirtualBox, VMware, or libvirt) installed on your system. -2. There are two ways to install the Vagrant box with BunkerWeb: either by using a provided Vagrantfile to configure your virtual machine or by creating a new box based on the existing BunkerWeb Vagrant box, offering you flexibility in how you set up your development environment. - -=== "Vagrantfile" - - ```shell - Vagrant.configure("2") do |config| - config.vm.box = "bunkerity/bunkerity" - end - ``` - - Depending on the virtualization provider you choose, you may need to install additional plugins: - - * For **VMware**, install the `vagrant-vmware-desktop` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **libvirt**, install the `vagrant-libvirt plugin`. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **VirtualBox**, install the `vagrant-vbguest` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - -=== "New Vagrant Box" - - ```shell - vagrant init bunkerity/bunkerity - ``` - - Depending on the virtualization provider you choose, you may need to install additional plugins: - - * For **VMware**, install the `vagrant-vmware-desktop` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **libvirt**, install the `vagrant-libvirt plugin`. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **VirtualBox**, install the `vagrant-vbguest` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - -After installing the necessary plugins for your chosen virtualization provider, run the following command to start the virtual machine and install BunkerWeb: - -```shell -vagrant up --provider=virtualbox # or --provider=vmware_desktop or --provider=libvirt -``` - -Finally, to access the virtual machine using SSH, execute the following command: - -```shell -vagrant ssh -``` - -**Example Vagrantfile** - - Here is an example `Vagrantfile` for installing BunkerWeb on Ubuntu 22.04 "Jammy" using the different supported virtualization providers: - -```shell -Vagrant.configure("2") do |config| - - # Ubuntu 22.04 "Jammy" - config.vm.box = "bunkerity/bunkerity" - - # Uncomment the desired virtualization provider - # For VirtualBox (default) - config.vm.provider "virtualbox" - - # For VMware - # config.vm.provider "vmware_desktop" # Windows - # config.vm.provider "vmware_workstation" # Linux - - # For libvirt - # config.vm.provider "libvirt" - -end -``` \ No newline at end of file +| `custom_www_group` | string | Default group for www files and folders. | `nginx` | \ No newline at end of file diff --git a/docs/plugins.md b/docs/plugins.md index 186349b63..2efd4d620 100644 --- a/docs/plugins.md +++ b/docs/plugins.md @@ -53,13 +53,13 @@ The first step is to install the plugin by putting the plugin files inside the c ... -v "${PWD}/bw-data:/data" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta volumes: - ./bw-data:/data ... diff --git a/docs/quickstart-guide.md b/docs/quickstart-guide.md index ef48a18f8..3979a2e00 100644 --- a/docs/quickstart-guide.md +++ b/docs/quickstart-guide.md @@ -54,7 +54,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s -e USE_REVERSE_PROXY=yes \ -e REVERSE_PROXY_URL=/ \ -e REVERSE_PROXY_HOST=http://myapp \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -64,7 +64,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -422,7 +422,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s -e app1.example.com_REVERSE_PROXY_HOST=http://myapp1 \ -e app2.example.com_REVERSE_PROXY_HOST=http://myapp2 \ -e app3.example.com_REVERSE_PROXY_HOST=http://myapp3 \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -432,7 +432,7 @@ You will find more settings about reverse proxy in the [settings section](/1.4/s services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -1082,13 +1082,13 @@ REAL_IP_HEADER=X-Forwarded-For -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=X-Forwarded-For \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1107,13 +1107,13 @@ REAL_IP_HEADER=X-Forwarded-For -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=X-Forwarded-For \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1132,13 +1132,13 @@ REAL_IP_HEADER=X-Forwarded-For -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=X-Forwarded-For \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent (using `docker stack deploy`) : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1163,7 +1163,7 @@ REAL_IP_HEADER=X-Forwarded-For spec: containers: - name: bunkerweb - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... env: - name: USE_REAL_IP @@ -1261,13 +1261,13 @@ REAL_IP_HEADER=proxy_protocol -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=proxy_protocol \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1288,13 +1288,13 @@ REAL_IP_HEADER=proxy_protocol -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=proxy_protocol \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1315,13 +1315,13 @@ REAL_IP_HEADER=proxy_protocol -e "REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16" \ -e REAL_IP_HEADER=proxy_protocol \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent (using `docker stack deploy`) : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... environment: - USE_REAL_IP=yes @@ -1347,7 +1347,7 @@ REAL_IP_HEADER=proxy_protocol spec: containers: - name: bunkerweb - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ... env: - name: USE_REAL_IP @@ -1457,7 +1457,7 @@ Some integrations offer a more convenient way of applying configurations such as Here is a dummy example using a docker-compose file : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta environment: - | CUSTOM_CONF_SERVER_HTTP_hello-world= @@ -1499,13 +1499,13 @@ Some integrations offer a more convenient way of applying configurations such as ... -v "${PWD}/bw-data:/data" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta volumes: - ./bw-data:/data ... @@ -1566,13 +1566,13 @@ Some integrations offer a more convenient way of applying configurations such as ... -v "${PWD}/bw-data:/data" \ ... - bunkerity/bunkerweb-autoconf:1.4.6 + bunkerity/bunkerweb-autoconf:1.5.0-beta ``` Here is the docker-compose equivalent : ```yaml myautoconf: - image: bunkerity/bunkerweb-autoconf:1.4.6 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta volumes: - ./bw-data:/data ... @@ -1774,7 +1774,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma -e AUTO_LETS_ENCRYPT=yes \ -e REMOTE_PHP=myphp \ -e REMOTE_PHP_PATH=/app \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -1784,7 +1784,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -1826,7 +1826,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ... -v "${PWD}/myapp:/app" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Once BunkerWeb and autoconf are ready, you will be able to create the PHP-FPM container, mount the application folder inside the container and configure it using specific labels : @@ -1890,7 +1890,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ... -v "/shared/myapp:/app" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Once BunkerWeb and autoconf are ready, you will be able to create the PHP-FPM service, mount the application folder inside the container and configure it using specific labels : @@ -2192,7 +2192,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma -e app2.example.com_REMOTE_PHP_PATH=/app \ -e app3.example.com_REMOTE_PHP=myphp3 \ -e app3.example.com_REMOTE_PHP_PATH=/app \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Here is the docker-compose equivalent : @@ -2202,7 +2202,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma services: mybunker: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -2263,7 +2263,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ... -v "${PWD}/myapps:/apps" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Once BunkerWeb and autoconf are ready, you will be able to create the PHP-FPM containers, mount the right application folder inside each container and configure them using specific labels : @@ -2387,7 +2387,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ... -v "/shared/myapps:/apps" \ ... - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Once BunkerWeb and autoconf are ready, you will be able to create the PHP-FPM service, mount the application folder inside the container and configure it using specific labels : diff --git a/docs/web-ui.md b/docs/web-ui.md index b0493a293..54ffe7d1c 100644 --- a/docs/web-ui.md +++ b/docs/web-ui.md @@ -64,13 +64,14 @@ Because the web UI is a web application, the recommended installation procedure -e MULTISITE=yes \ -e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \ -e bwadm.example.com_USE_UI=yes \ + -e "bwadm.example.com_CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';" \ -e bwadm.example.com_USE_REVERSE_PROXY=yes \ -e bwadm.example.com_REVERSE_PROXY_URL=/changeme/ \ -e bwadm.example.com_REVERSE_PROXY_HOST=http://bw-ui:7000 \ -e "bwadm.example.com_REVERSE_PROXY_HEADERS=X-Script-Name /changeme" \ - -e bwadm.example.com_INTERCEPTED_ERROR_CODES="400 401 405 413 429 500 501 502 503 504" \ + -e bwadm.example.com_INTERCEPTED_ERROR_CODES="400 401.5.0-beta 413 429 500 501 502 503 504" \ -l bunkerweb.INSTANCE \ - bunkerity/bunkerweb:1.4.6 && \ + bunkerity/bunkerweb:1.5.0-beta && \ docker network connect bw-universe bunkerweb ``` @@ -105,7 +106,7 @@ Because the web UI is a web application, the recommended installation procedure --network bw-universe \ -v bw-data:/data \ -e DOCKER_HOST=tcp://bw-docker:2375 \ - bunkerity/bunkerweb-scheduler:1.4.6 && \ + bunkerity/bunkerweb-scheduler:1.5.0-beta && \ docker network connect bw-docker bw-scheduler ``` @@ -119,7 +120,7 @@ Because the web UI is a web application, the recommended installation procedure -e ADMIN_USERNAME=admin \ -e ADMIN_PASSWORD=changeme \ -e ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/ \ - bunkerity/bunkerweb-ui:1.4.6 && \ + bunkerity/bunkerweb-ui:1.5.0-beta && \ docker network connect bw-docker bw-ui ``` @@ -134,7 +135,7 @@ Because the web UI is a web application, the recommended installation procedure services: bunkerweb: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - "80:8080" - "443:8443" @@ -143,6 +144,7 @@ Because the web UI is a web application, the recommended installation procedure - MULTISITE=yes - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 - bwadm.example.com_USE_UI=yes + - bwadm.example.com_CONTENT_SECURITY_POLICY="object-src 'none'; frame-ancestors 'self';" - bwadm.example.com_USE_REVERSE_PROXY=yes - bwadm.example.com_REVERSE_PROXY_URL=/changeme/ - bwadm.example.com_REVERSE_PROXY_HOST=http://bw-ui:7000 @@ -155,7 +157,7 @@ Because the web UI is a web application, the recommended installation procedure - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.4.6 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta volumes: - bw-data:/data environment: @@ -165,7 +167,7 @@ Because the web UI is a web application, the recommended installation procedure - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.4.6 + image: bunkerity/bunkerweb-ui:1.5.0-beta volumes: - bw-data:/data environment: @@ -226,7 +228,7 @@ Because the web UI is a web application, the recommended installation procedure -e MULTISITE=yes \ -e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \ -l bunkerweb.INSTANCE \ - bunkerity/bunkerweb:1.4.6 + bunkerity/bunkerweb:1.5.0-beta ``` Important things to note : @@ -258,7 +260,7 @@ Because the web UI is a web application, the recommended installation procedure --network bw-universe \ -v bw-data:/data \ -e DOCKER_HOST=tcp://bw-docker:2375 \ - bunkerity/bunkerweb-autoconf:1.4.6 && \ + bunkerity/bunkerweb-autoconf:1.5.0-beta && \ docker network connect bw-docker bw-autoconf ``` @@ -269,7 +271,7 @@ Because the web UI is a web application, the recommended installation procedure --network bw-universe \ -v bw-data:/data \ -e DOCKER_HOST=tcp://bw-docker:2375 \ - bunkerity/bunkerweb-scheduler:1.4.6 && \ + bunkerity/bunkerweb-scheduler:1.5.0-beta && \ docker network connect bw-docker bw-scheduler ``` @@ -285,12 +287,13 @@ Because the web UI is a web application, the recommended installation procedure -e ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/ \ -l "bunkerweb.SERVER_NAME=bwadm.example.com" \ -l "bunkerweb.USE_UI=yes" \ + -l "bunkerweb.CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';" \ -l "bunkerweb.USE_REVERSE_PROXY=yes" \ -l "bunkerweb.REVERSE_PROXY_URL=/changeme" \ -l "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000" \ -l "bunkerweb.REVERSE_PROXY_HEADERS=X-Script-Name /changeme" \ - -l "bunkerweb.INTERCEPTED_ERROR_CODES=400 401 404 405 413 429 500 501 502 503 504" \ - bunkerity/bunkerweb-ui:1.4.6 && \ + -l "bunkerweb.INTERCEPTED_ERROR_CODES=400 401.5.0-beta 405 413 429 500 501 502 503 504" \ + bunkerity/bunkerweb-ui:1.5.0-beta && \ docker network connect bw-docker bw-ui ``` @@ -307,7 +310,7 @@ Because the web UI is a web application, the recommended installation procedure services: bunkerweb: - image: bunkerity/bunkerweb:1.4.6 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -323,7 +326,7 @@ Because the web UI is a web application, the recommended installation procedure - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.4.6 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta volumes: - bw-data:/data environment: @@ -333,7 +336,7 @@ Because the web UI is a web application, the recommended installation procedure - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.4.6 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta volumes: - bw-data:/data environment: @@ -353,7 +356,7 @@ Because the web UI is a web application, the recommended installation procedure - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.4.6 + image: bunkerity/bunkerweb-ui:1.5.0-beta networks: bw-docker: bw-universe: @@ -370,11 +373,12 @@ Because the web UI is a web application, the recommended installation procedure labels: - "bunkerweb.SERVER_NAME=bwadm.example.com" - "bunkerweb.USE_UI=yes" + - "bunkerweb.CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';" - "bunkerweb.USE_REVERSE_PROXY=yes" - "bunkerweb.REVERSE_PROXY_URL=/changeme" - "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000" - "bunkerweb.REVERSE_PROXY_HEADERS=X-Script-Name /changeme" - - "bunkerweb.INTERCEPTED_ERROR_CODES=400 401 404 405 413 429 500 501 502 503 504" + - "bunkerweb.INTERCEPTED_ERROR_CODES=400 401.5.0-beta 405 413 429 500 501 502 503 504" volumes: bw-data: @@ -395,6 +399,199 @@ Because the web UI is a web application, the recommended installation procedure === "Swarm" + When using the [Swarm integration](/1.4/integrations/#swarm), we recommend you to connect the Swarm and web UI containers using a dedicated network like with the scheduler and use another dedicated network for the communications between BunkerWeb and your web applications. The web UI can be deployed using a dedicated container based on the [bunkerweb-ui image](https://hub.docker.com/r/bunkerity/bunkerweb-ui). + + Let's start by creating the networks (replace 10.20.30.0/24 with an unused network of your choice) : + ```shell + docker network create --subnet 10.20.30.0/24 bw-universe && \ + docker network create bw-services + ``` + + You will also need the data volume, which where BunkerWeb's data will be stored : + ```shell + docker volume create bw-data + ``` + + You can now create the BunkerWeb container, please note the special `bunkerweb.INSTANCE` label which is mandatory for the scheduler as well as the web UI to work properly : + ```shell + docker run -d \ + --name bunkerweb \ + --network bw-universe \ + -p 80:8080 \ + -p 443:8443 \ + -e SERVER_NAME= \ + -e MULTISITE=yes \ + -e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \ + -l bunkerweb.INSTANCE \ + bunkerity/bunkerweb:1.5.0-beta + ``` + + Important things to note : + + * replace `10.20.30.0/24` with the same network address used for the `bw-universe` network + * the `bunkerweb.INSTANCE` label is mandatory + + The Autoconf and web UI will need to access the Docker API in order to get metadata about the running containers. It can be done easily by mounting the **docker.sock** file into the container. But there is a security risk : if the web UI is exploited, all your container(s) and the host will be impacted because, at the moment, Docker doesn't provide any restriction feature. We highly recommend using something like a [docker socket proxy](https://github.com/Tecnativa/docker-socket-proxy) to mitigate that risk (only a subset of read-only API endpoints will be available to the web UI container). + + To connect the docker socket proxy and the web UI, you will need another network : + ```shell + docker network create bw-docker + ``` + + Once the network is created, you can now create the docker socket proxy container : + ```shell + docker run -d \ + --name bw-docker \ + --network bw-docker \ + -v /var/run/docker.sock:/var/run/docker.sock:ro \ + -e CONTAINERS=1 \ + tecnativa/docker-socket-proxy + ``` + + You can then create the autoconf container connected to the docker socket proxy network : + ```shell + docker run -d \ + --name bw-autoconf \ + --network bw-universe \ + -v bw-data:/data \ + -e DOCKER_HOST=tcp://bw-docker:2375 \ + bunkerity/bunkerweb-autoconf:1.5.0-beta && \ + docker network connect bw-docker bw-autoconf + ``` + + You can then create the scheduler container with the bw-data volume and the docker socket proxy network : + ```shell + docker run -d \ + --name bw-scheduler \ + --network bw-universe \ + -v bw-data:/data \ + -e DOCKER_HOST=tcp://bw-docker:2375 \ + bunkerity/bunkerweb-scheduler:1.5.0-beta && \ + docker network connect bw-docker bw-scheduler + ``` + + We can finally create the web UI container : + ```shell + docker run -d \ + --name bw-ui \ + --network bw-universe \ + -v bw-data:/data \ + -e DOCKER_HOST=tcp://bw-docker:2375 \ + -e ADMIN_USERNAME=admin \ + -e ADMIN_PASSWORD=changeme \ + -e ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/ \ + -l "bunkerweb.SERVER_NAME=bwadm.example.com" \ + -l "bunkerweb.USE_UI=yes" \ + -l "bunkerweb.CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';" \ + -l "bunkerweb.USE_REVERSE_PROXY=yes" \ + -l "bunkerweb.REVERSE_PROXY_URL=/changeme" \ + -l "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000" \ + -l "bunkerweb.REVERSE_PROXY_HEADERS=X-Script-Name /changeme" \ + -l "bunkerweb.INTERCEPTED_ERROR_CODES=400 401.5.0-beta 405 413 429 500 501 502 503 504" \ + bunkerity/bunkerweb-ui:1.5.0-beta && \ + docker network connect bw-docker bw-ui + ``` + + Important things to note : + + * `bwadm.example.com` is the dedicated (sub)domain for accessing the web UI + * replace the `/changeme` URL with a custom one of your choice + * `http(s)://bwadmin.example.com/changeme/` is the full base URL of the web UI (must match the sub(domain) and /changeme URL used when creating the BunkerWeb container) + * Replace the username `admin` and password `changeme` with strong ones + + Here is the docker-compose equivalent : + ```yaml + version: "3.5" + + services: + bunkerweb: + image: bunkerity/bunkerweb:1.5.0-beta + ports: + - 80:8080 + - 443:8443 + labels: + - "bunkerweb.INSTANCE" + environment: + - SERVER_NAME= + - MULTISITE=yes + - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 + - AUTOCONF_MODE=yes + networks: + - bw-universe + - bw-services + + bw-autoconf: + image: bunkerity/bunkerweb-autoconf:1.5.0-beta + volumes: + - bw-data:/data + environment: + - DOCKER_HOST=tcp://bw-docker:2375 + networks: + - bw-universe + - bw-docker + + bw-scheduler: + image: bunkerity/bunkerweb-scheduler:1.5.0-beta + volumes: + - bw-data:/data + environment: + - DOCKER_HOST=tcp://bw-docker:2375 + - AUTOCONF_MODE=yes + networks: + - bw-universe + - bw-docker + + bw-docker: + image: tecnativa/docker-socket-proxy + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + - CONTAINERS=1 + networks: + - bw-docker + + bw-ui: + image: bunkerity/bunkerweb-ui:1.5.0-beta + networks: + bw-docker: + bw-universe: + aliases: + - bw-ui + volumes: + - bw-data:/data + environment: + - DOCKER_HOST=tcp://bw-docker:2375 + - AUTOCONF_MODE=yes + - ADMIN_USERNAME=admin + - ADMIN_PASSWORD=changeme + - ABSOLUTE_URI=http://bwadm.example.com/changeme/ + labels: + - "bunkerweb.SERVER_NAME=bwadm.example.com" + - "bunkerweb.USE_UI=yes" + - "bunkerweb.CONTENT_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';" + - "bunkerweb.USE_REVERSE_PROXY=yes" + - "bunkerweb.REVERSE_PROXY_URL=/changeme" + - "bunkerweb.REVERSE_PROXY_HOST=http://bw-ui:7000" + - "bunkerweb.REVERSE_PROXY_HEADERS=X-Script-Name /changeme" + - "bunkerweb.INTERCEPTED_ERROR_CODES=400 401.5.0-beta 405 413 429 500 501 502 503 504" + + volumes: + bw-data: + + networks: + bw-universe: + name: bw-universe + ipam: + driver: default + config: + - subnet: 10.20.30.0/24 + bw-services: + name: bw-services + bw-docker: + name: bw-docker + + ``` + === "Kubernetes" === "Linux" diff --git a/examples/authelia/docker-compose.yml b/examples/authelia/docker-compose.yml index 3f2afe2b1..e00d52cb3 100644 --- a/examples/authelia/docker-compose.yml +++ b/examples/authelia/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.4" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -44,7 +44,7 @@ services: - app2.example.com_REVERSE_PROXY_HEADERS=Remote-User $$user;Remote-Groups $$groups;Remote-Name $$name;Remote-Email $$email bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/authentik/docker-compose.yml b/examples/authentik/docker-compose.yml index 5efadbaaa..81918a92a 100644 --- a/examples/authentik/docker-compose.yml +++ b/examples/authentik/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.4" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -53,7 +53,7 @@ services: - app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/behind-reverse-proxy/docker-compose.yml b/examples/behind-reverse-proxy/docker-compose.yml index 0c0cbb64a..71bd362d3 100644 --- a/examples/behind-reverse-proxy/docker-compose.yml +++ b/examples/behind-reverse-proxy/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta environment: - SERVER_NAME=www.example.com # replace with your domains - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 @@ -24,7 +24,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/bigbluebutton/docker-compose.yml b/examples/bigbluebutton/docker-compose.yml index 615389ce2..791dcae22 100644 --- a/examples/bigbluebutton/docker-compose.yml +++ b/examples/bigbluebutton/docker-compose.yml @@ -27,7 +27,7 @@ services: ... mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -50,7 +50,7 @@ services: bw-universe: bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/certbot-dns-cloudflare/docker-compose.yml b/examples/certbot-dns-cloudflare/docker-compose.yml index eb2e03eee..147d3ea3a 100644 --- a/examples/certbot-dns-cloudflare/docker-compose.yml +++ b/examples/certbot-dns-cloudflare/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -33,7 +33,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/certbot-dns-digitalocean/docker-compose.yml b/examples/certbot-dns-digitalocean/docker-compose.yml index d0f363e74..155497478 100644 --- a/examples/certbot-dns-digitalocean/docker-compose.yml +++ b/examples/certbot-dns-digitalocean/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -33,7 +33,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/certbot-dns-google/docker-compose.yml b/examples/certbot-dns-google/docker-compose.yml index 56bdff380..3d0313a5a 100644 --- a/examples/certbot-dns-google/docker-compose.yml +++ b/examples/certbot-dns-google/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -33,7 +33,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/certbot-dns-ovh/docker-compose.yml b/examples/certbot-dns-ovh/docker-compose.yml index e6fbe6885..2a6f12159 100644 --- a/examples/certbot-dns-ovh/docker-compose.yml +++ b/examples/certbot-dns-ovh/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -33,7 +33,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/certbot-dns-route53/docker-compose.yml b/examples/certbot-dns-route53/docker-compose.yml index 7c1f901ea..0e36592bc 100644 --- a/examples/certbot-dns-route53/docker-compose.yml +++ b/examples/certbot-dns-route53/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -33,7 +33,7 @@ services: - bw-services bbw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/community/brawdunoir-homelab/docker/bw/bw-data/modsec/nextcloud.conf b/examples/community/brawdunoir-homelab/docker/bw/bw-data/modsec/nextcloud.conf index 8f61e435d..0f57eb894 100644 --- a/examples/community/brawdunoir-homelab/docker/bw/bw-data/modsec/nextcloud.conf +++ b/examples/community/brawdunoir-homelab/docker/bw/bw-data/modsec/nextcloud.conf @@ -1 +1 @@ -SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" \ No newline at end of file +SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" \ No newline at end of file diff --git a/examples/cors/docker-compose.yml b/examples/cors/docker-compose.yml index 1e0af1543..7130000b5 100644 --- a/examples/cors/docker-compose.yml +++ b/examples/cors/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -38,7 +38,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/docker-configs/docker-compose.yml b/examples/docker-configs/docker-compose.yml index 2ab2ad0ed..69cd0fc07 100644 --- a/examples/docker-configs/docker-compose.yml +++ b/examples/docker-configs/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -53,7 +53,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/drupal/docker-compose.yml b/examples/drupal/docker-compose.yml index 679291eab..a92b031ea 100644 --- a/examples/drupal/docker-compose.yml +++ b/examples/drupal/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -28,7 +28,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/ghost/docker-compose.yml b/examples/ghost/docker-compose.yml index 29ab2378f..d09c6fc6c 100644 --- a/examples/ghost/docker-compose.yml +++ b/examples/ghost/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -24,7 +24,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/gogs/docker-compose.yml b/examples/gogs/docker-compose.yml index df6a0e57d..a96e4f047 100644 --- a/examples/gogs/docker-compose.yml +++ b/examples/gogs/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -28,7 +28,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/hardened/docker-compose.yml b/examples/hardened/docker-compose.yml index dac0b84c7..f0c773ef8 100644 --- a/examples/hardened/docker-compose.yml +++ b/examples/hardened/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta # dropping all capabilities cap_drop: - ALL @@ -38,7 +38,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/joomla/docker-compose.yml b/examples/joomla/docker-compose.yml index 522b10294..ee504ebd3 100644 --- a/examples/joomla/docker-compose.yml +++ b/examples/joomla/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -28,7 +28,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/load-balancer/docker-compose.yml b/examples/load-balancer/docker-compose.yml index e1885aa8f..f848d7ff7 100644 --- a/examples/load-balancer/docker-compose.yml +++ b/examples/load-balancer/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -31,7 +31,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/magento/docker-compose.yml b/examples/magento/docker-compose.yml index ef69b4e8f..85db1fdc9 100644 --- a/examples/magento/docker-compose.yml +++ b/examples/magento/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -29,7 +29,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/magento/tests.json b/examples/magento/tests.json index e66d4c583..eb8e10491 100644 --- a/examples/magento/tests.json +++ b/examples/magento/tests.json @@ -3,7 +3,7 @@ "kinds": ["docker", "autoconf", "swarm", "kubernetes"], "timeout": 360, "no_copy_container": true, - "delay": 240, + "delay": 300, "tests": [ { "type": "string", diff --git a/examples/mattermost/docker-compose.yml b/examples/mattermost/docker-compose.yml index d32b439cf..92696d1dc 100644 --- a/examples/mattermost/docker-compose.yml +++ b/examples/mattermost/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -44,7 +44,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/mongo-express/docker-compose.yml b/examples/mongo-express/docker-compose.yml index 35ee63dfc..1c7e020aa 100644 --- a/examples/mongo-express/docker-compose.yml +++ b/examples/mongo-express/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -27,7 +27,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/moodle/docker-compose.yml b/examples/moodle/docker-compose.yml index e55004575..945e21bed 100644 --- a/examples/moodle/docker-compose.yml +++ b/examples/moodle/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -25,7 +25,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/nextcloud/autoconf.yml b/examples/nextcloud/autoconf.yml index db7998c28..cad6b1999 100644 --- a/examples/nextcloud/autoconf.yml +++ b/examples/nextcloud/autoconf.yml @@ -54,7 +54,7 @@ services: setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'" - | bunkerweb.CUSTOM_CONF_MODSEC_nextcloud= - SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" + SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" mydb: diff --git a/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf b/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf index 093fe8f59..0f57eb894 100644 --- a/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf +++ b/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf @@ -1 +1 @@ -SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" \ No newline at end of file +SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" \ No newline at end of file diff --git a/examples/nextcloud/docker-compose.yml b/examples/nextcloud/docker-compose.yml index 0ee8e336b..129bdf89c 100644 --- a/examples/nextcloud/docker-compose.yml +++ b/examples/nextcloud/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -46,7 +46,7 @@ services: setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'" - | CUSTOM_CONF_MODSEC_nextcloud= - SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" + SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog" labels: - "bunkerweb.INSTANCE" # required for the scheduler to recognize the container networks: @@ -54,7 +54,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: @@ -100,7 +100,7 @@ services: - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password - MYSQL_DATABASE=nc - MYSQL_USER=user - - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) networks: - bw-universe - bw-services @@ -110,6 +110,7 @@ volumes: db-data: nc-files: + networks: bw-universe: ipam: diff --git a/examples/passbolt/docker-compose.yml b/examples/passbolt/docker-compose.yml index 9854e02ba..60d74129e 100644 --- a/examples/passbolt/docker-compose.yml +++ b/examples/passbolt/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -26,7 +26,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/php-cookie-flags/docker-compose.yml b/examples/php-cookie-flags/docker-compose.yml index 9ac93aaed..83c209295 100644 --- a/examples/php-cookie-flags/docker-compose.yml +++ b/examples/php-cookie-flags/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -31,7 +31,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/php-multisite/docker-compose.yml b/examples/php-multisite/docker-compose.yml index b41f75939..993a914a4 100644 --- a/examples/php-multisite/docker-compose.yml +++ b/examples/php-multisite/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -34,7 +34,7 @@ services: - net-app2 bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/php-singlesite/docker-compose.yml b/examples/php-singlesite/docker-compose.yml index 89ebaf9b2..bce57ea97 100644 --- a/examples/php-singlesite/docker-compose.yml +++ b/examples/php-singlesite/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -30,7 +30,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/prestashop/docker-compose.yml b/examples/prestashop/docker-compose.yml index 4aa1b446d..eee02b6c8 100644 --- a/examples/prestashop/docker-compose.yml +++ b/examples/prestashop/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -28,7 +28,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/prestashop/tests.json b/examples/prestashop/tests.json index 926584893..073d74a36 100644 --- a/examples/prestashop/tests.json +++ b/examples/prestashop/tests.json @@ -1,8 +1,8 @@ { "name": "prestashop", "kinds": ["docker", "autoconf", "swarm", "kubernetes"], - "timeout": 180, - "delay": 180, + "timeout": 240, + "delay": 240, "tests": [ { "type": "string", diff --git a/examples/proxy-protocol/docker-compose.yml b/examples/proxy-protocol/docker-compose.yml index 2d5cafdd2..3235bfe22 100644 --- a/examples/proxy-protocol/docker-compose.yml +++ b/examples/proxy-protocol/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta environment: - SERVER_NAME=www.example.com # replace with your domains - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 @@ -27,7 +27,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/radarr/docker-compose.yml b/examples/radarr/docker-compose.yml index 1eed50fc7..1dc633c1b 100644 --- a/examples/radarr/docker-compose.yml +++ b/examples/radarr/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.5" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -34,7 +34,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/redmine/docker-compose.yml b/examples/redmine/docker-compose.yml index f83d2992b..8566d7d4d 100644 --- a/examples/redmine/docker-compose.yml +++ b/examples/redmine/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -24,7 +24,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/reverse-proxy-multisite/docker-compose.yml b/examples/reverse-proxy-multisite/docker-compose.yml index b72cf5de9..630de9f81 100644 --- a/examples/reverse-proxy-multisite/docker-compose.yml +++ b/examples/reverse-proxy-multisite/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -27,7 +27,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/reverse-proxy-singlesite/docker-compose.yml b/examples/reverse-proxy-singlesite/docker-compose.yml index 6ea2cf0fc..ff462867a 100644 --- a/examples/reverse-proxy-singlesite/docker-compose.yml +++ b/examples/reverse-proxy-singlesite/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -32,7 +32,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/reverse-proxy-websocket/docker-compose.yml b/examples/reverse-proxy-websocket/docker-compose.yml index c364680c5..d0bbaf9ed 100644 --- a/examples/reverse-proxy-websocket/docker-compose.yml +++ b/examples/reverse-proxy-websocket/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -25,7 +25,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/syslog/docker-compose.yml b/examples/syslog/docker-compose.yml index b3c3bd21f..a58c91822 100644 --- a/examples/syslog/docker-compose.yml +++ b/examples/syslog/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta logging: driver: syslog options: @@ -28,7 +28,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta logging: driver: syslog options: diff --git a/examples/tomcat/docker-compose.yml b/examples/tomcat/docker-compose.yml index 3939bf8a1..6ce18b33e 100644 --- a/examples/tomcat/docker-compose.yml +++ b/examples/tomcat/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -23,7 +23,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/tor-hidden-service/docker-compose.yml b/examples/tor-hidden-service/docker-compose.yml index 3baebee71..47835c5c2 100644 --- a/examples/tor-hidden-service/docker-compose.yml +++ b/examples/tor-hidden-service/docker-compose.yml @@ -12,7 +12,7 @@ services: - bw-universe mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta environment: - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 # disable common security measures based on IP @@ -34,7 +34,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/examples/web-ui/docker-compose.yml b/examples/web-ui/docker-compose.yml index be41f84c4..fdd69475a 100644 --- a/examples/web-ui/docker-compose.yml +++ b/examples/web-ui/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.5" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -32,7 +32,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: @@ -44,7 +44,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta depends_on: - bw-docker-proxy environment: diff --git a/examples/wordpress/docker-compose.yml b/examples/wordpress/docker-compose.yml index 7123b8d22..2f5ffa520 100644 --- a/examples/wordpress/docker-compose.yml +++ b/examples/wordpress/docker-compose.yml @@ -2,7 +2,7 @@ version: "3" services: mybunker: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -25,7 +25,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - mybunker environment: diff --git a/misc/integrations/autoconf.mariadb.ui.yml b/misc/integrations/autoconf.mariadb.ui.yml index 9ff1d1720..de09fc4d2 100644 --- a/misc/integrations/autoconf.mariadb.ui.yml +++ b/misc/integrations/autoconf.mariadb.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -66,7 +66,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta networks: bw-docker: bw-universe: diff --git a/misc/integrations/autoconf.mariadb.yml b/misc/integrations/autoconf.mariadb.yml index c85e08fda..da03e7875 100644 --- a/misc/integrations/autoconf.mariadb.yml +++ b/misc/integrations/autoconf.mariadb.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/autoconf.mysql.ui.yml b/misc/integrations/autoconf.mysql.ui.yml index 1478dc5ad..46bb6a302 100644 --- a/misc/integrations/autoconf.mysql.ui.yml +++ b/misc/integrations/autoconf.mysql.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -66,7 +66,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta networks: bw-docker: bw-universe: diff --git a/misc/integrations/autoconf.mysql.yml b/misc/integrations/autoconf.mysql.yml index 3e66f69e3..010a28281 100644 --- a/misc/integrations/autoconf.mysql.yml +++ b/misc/integrations/autoconf.mysql.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/autoconf.postgres.ui.yml b/misc/integrations/autoconf.postgres.ui.yml index 53b3c9ed2..3db5b835e 100644 --- a/misc/integrations/autoconf.postgres.ui.yml +++ b/misc/integrations/autoconf.postgres.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -65,7 +65,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta networks: bw-docker: bw-universe: diff --git a/misc/integrations/autoconf.postgres.yml b/misc/integrations/autoconf.postgres.yml index 6924217b4..cf5933599 100644 --- a/misc/integrations/autoconf.postgres.yml +++ b/misc/integrations/autoconf.postgres.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -19,7 +19,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/autoconf.ui.yml b/misc/integrations/autoconf.ui.yml index 60812936a..1e9ca81d9 100644 --- a/misc/integrations/autoconf.ui.yml +++ b/misc/integrations/autoconf.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -18,7 +18,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -55,7 +55,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta networks: bw-docker: bw-universe: diff --git a/misc/integrations/autoconf.yml b/misc/integrations/autoconf.yml index 46cd8ac75..29da75170 100644 --- a/misc/integrations/autoconf.yml +++ b/misc/integrations/autoconf.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -18,7 +18,7 @@ services: - bw-services bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -32,7 +32,7 @@ services: - bw-docker bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/docker.mariadb.ui.yml b/misc/integrations/docker.mariadb.ui.yml index eebffa056..bd728eec8 100644 --- a/misc/integrations/docker.mariadb.ui.yml +++ b/misc/integrations/docker.mariadb.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -29,7 +29,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -50,7 +50,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta depends_on: - bw-docker environment: diff --git a/misc/integrations/docker.mariadb.yml b/misc/integrations/docker.mariadb.yml index f7a5a2a64..aba08aac3 100644 --- a/misc/integrations/docker.mariadb.yml +++ b/misc/integrations/docker.mariadb.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -17,7 +17,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/docker.mysql.ui.yml b/misc/integrations/docker.mysql.ui.yml index b49dd086f..a2a1f6b10 100644 --- a/misc/integrations/docker.mysql.ui.yml +++ b/misc/integrations/docker.mysql.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -29,7 +29,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -50,7 +50,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta depends_on: - bw-docker environment: diff --git a/misc/integrations/docker.mysql.yml b/misc/integrations/docker.mysql.yml index 83e882c4b..51ccf2bd6 100644 --- a/misc/integrations/docker.mysql.yml +++ b/misc/integrations/docker.mysql.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -17,7 +17,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/docker.postgres.ui.yml b/misc/integrations/docker.postgres.ui.yml index 338bd523a..74a854eeb 100644 --- a/misc/integrations/docker.postgres.ui.yml +++ b/misc/integrations/docker.postgres.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -29,7 +29,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -50,7 +50,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta depends_on: - bw-docker environment: diff --git a/misc/integrations/docker.postgres.yml b/misc/integrations/docker.postgres.yml index 069a76523..7bf97ba37 100644 --- a/misc/integrations/docker.postgres.yml +++ b/misc/integrations/docker.postgres.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -17,7 +17,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/docker.ui.yml b/misc/integrations/docker.ui.yml index 521f7ca4e..4b5294380 100644 --- a/misc/integrations/docker.ui.yml +++ b/misc/integrations/docker.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -23,7 +23,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker @@ -45,7 +45,7 @@ services: - bw-docker bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta depends_on: - bw-docker volumes: diff --git a/misc/integrations/docker.yml b/misc/integrations/docker.yml index 7da82339e..67ab3db09 100644 --- a/misc/integrations/docker.yml +++ b/misc/integrations/docker.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - 80:8080 - 443:8443 @@ -16,7 +16,7 @@ services: - bw-services bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta depends_on: - bunkerweb - bw-docker diff --git a/misc/integrations/k8s.mariadb.ui.yml b/misc/integrations/k8s.mariadb.ui.yml index b9e68cc57..e668ce0cd 100644 --- a/misc/integrations/k8s.mariadb.ui.yml +++ b/misc/integrations/k8s.mariadb.ui.yml @@ -227,7 +227,7 @@ spec: spec: containers: - name: bunkerweb-ui - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta imagePullPolicy: Always env: - name: ADMIN_USERNAME diff --git a/misc/integrations/k8s.mysql.ui.yml b/misc/integrations/k8s.mysql.ui.yml index 5f8b6c89c..21f9f80df 100644 --- a/misc/integrations/k8s.mysql.ui.yml +++ b/misc/integrations/k8s.mysql.ui.yml @@ -285,7 +285,7 @@ spec: spec: containers: - name: bunkerweb-ui - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta imagePullPolicy: Always env: - name: ADMIN_USERNAME diff --git a/misc/integrations/k8s.postgres.ui.yml b/misc/integrations/k8s.postgres.ui.yml index 876ca28c8..64a50f5ee 100644 --- a/misc/integrations/k8s.postgres.ui.yml +++ b/misc/integrations/k8s.postgres.ui.yml @@ -225,7 +225,7 @@ spec: spec: containers: - name: bunkerweb-ui - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta imagePullPolicy: Always env: - name: ADMIN_USERNAME diff --git a/misc/integrations/swarm.mariadb.ui.yml b/misc/integrations/swarm.mariadb.ui.yml index 68f026756..e71a37b0d 100644 --- a/misc/integrations/swarm.mariadb.ui.yml +++ b/misc/integrations/swarm.mariadb.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -59,7 +59,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -86,7 +86,7 @@ services: - bw-universe bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta environment: - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/misc/integrations/swarm.mariadb.yml b/misc/integrations/swarm.mariadb.yml index e95af2ef6..90d0a7d4d 100644 --- a/misc/integrations/swarm.mariadb.yml +++ b/misc/integrations/swarm.mariadb.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -63,7 +63,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/misc/integrations/swarm.mysql.ui.yml b/misc/integrations/swarm.mysql.ui.yml index 00eb48b38..487618549 100644 --- a/misc/integrations/swarm.mysql.ui.yml +++ b/misc/integrations/swarm.mysql.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -59,7 +59,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -86,7 +86,7 @@ services: - bw-universe bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta environment: - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/misc/integrations/swarm.mysql.yml b/misc/integrations/swarm.mysql.yml index e46142a7c..bd9ac4286 100644 --- a/misc/integrations/swarm.mysql.yml +++ b/misc/integrations/swarm.mysql.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -59,7 +59,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/misc/integrations/swarm.postgres.ui.yml b/misc/integrations/swarm.postgres.ui.yml index e2e0f0f2d..b6f8c1891 100644 --- a/misc/integrations/swarm.postgres.ui.yml +++ b/misc/integrations/swarm.postgres.ui.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -59,7 +59,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -85,7 +85,7 @@ services: - bw-universe bw-ui: - image: bunkerity/bunkerweb-ui:1.5.0 + image: bunkerity/bunkerweb-ui:1.5.0-beta environment: - DATABASE_URI=postgresql://bunkerweb:changeme@bw-db:5432/db - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/misc/integrations/swarm.postgres.yml b/misc/integrations/swarm.postgres.yml index 908308bc7..0936527fc 100644 --- a/misc/integrations/swarm.postgres.yml +++ b/misc/integrations/swarm.postgres.yml @@ -2,7 +2,7 @@ version: "3.5" services: bunkerweb: - image: bunkerity/bunkerweb:1.5.0 + image: bunkerity/bunkerweb:1.5.0-beta ports: - published: 80 target: 8080 @@ -32,7 +32,7 @@ services: - "bunkerweb.INSTANCE" bw-autoconf: - image: bunkerity/bunkerweb-autoconf:1.5.0 + image: bunkerity/bunkerweb-autoconf:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 @@ -59,7 +59,7 @@ services: - "node.role == manager" bw-scheduler: - image: bunkerity/bunkerweb-scheduler:1.5.0 + image: bunkerity/bunkerweb-scheduler:1.5.0-beta environment: - SWARM_MODE=yes - DOCKER_HOST=tcp://bw-docker:2375 diff --git a/src/VERSION b/src/VERSION index 3e1ad720b..fbba4fcda 100644 --- a/src/VERSION +++ b/src/VERSION @@ -1 +1 @@ -1.5.0 \ No newline at end of file +1.5.0-beta \ No newline at end of file diff --git a/src/common/core/misc/jobs/default-server-cert.py b/src/common/core/misc/jobs/default-server-cert.py index dc7238068..1f18cf652 100644 --- a/src/common/core/misc/jobs/default-server-cert.py +++ b/src/common/core/misc/jobs/default-server-cert.py @@ -2,7 +2,7 @@ from os import getenv, makedirs from os.path import isfile -from subprocess import DEVNULL, STDOUT, run +from subprocess import DEVNULL, run from sys import exit as sys_exit, path as sys_path from traceback import format_exc diff --git a/src/ui/templates/loading.html b/src/ui/templates/loading.html index e2170a921..94357ca15 100644 --- a/src/ui/templates/loading.html +++ b/src/ui/templates/loading.html @@ -39,7 +39,7 @@ setInterval(() => { logoEl.classList.toggle("scale-105"); }, 300); - const reloading = setInterval(check_reloading, 1000); + const reloading = setInterval(check_reloading, 2000); async function check_reloading() { const controller = new AbortController(); diff --git a/tests/ui/main.py b/tests/ui/main.py index b21717e18..1047d9554 100644 --- a/tests/ui/main.py +++ b/tests/ui/main.py @@ -847,7 +847,7 @@ try: assert_alert_message(driver, "was successfully created") - sleep(5) + sleep(15) driver.execute_script("window.open('http://www.example.com/hello','_blank');") driver.switch_to.window(driver.window_handles[1])