diff --git a/examples/mongo-express/autoconf.yml b/examples/mongo-express/autoconf.yml index 6580bb121..b92096e5f 100644 --- a/examples/mongo-express/autoconf.yml +++ b/examples/mongo-express/autoconf.yml @@ -31,6 +31,7 @@ services: depends_on: - mongo labels: + - bunkerweb.SERVER_NAME=www.example.com - bunkerweb.USE_REVERSE_PROXY=yes - bunkerweb.REVERSE_PROXY_URL=/ - bunkerweb.REVERSE_PROXY_HOST=http://mongo-ui:8081 diff --git a/examples/moodle/autoconf.yml b/examples/moodle/autoconf.yml new file mode 100644 index 000000000..bdd1624ea --- /dev/null +++ b/examples/moodle/autoconf.yml @@ -0,0 +1,55 @@ +version: '3' + +services: + + mymoodle: + image: bitnami/moodle:latest + networks: + bw-services: + aliases: + - mymoodle + depends_on: + - mydb + volumes: + - moodle_files:/bitnami/moodle + - moodle_data:/bitnami/moodledata + environment: + - MOODLE_USERNAME=admin # replace with your moodle admin username + - MOODLE_PASSWORD=password # replace with your moodle admin password + - MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email + - MOODLE_SITE_NAME=My Moodle # replace with your moodle site name + - MOODLE_DATABASE_HOST=mydb + - MOODLE_DATABASE_NAME=moodle + - MOODLE_DATABASE_USER=user + - MOODLE_DATABASE_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=https://mymoodle:8443 + + mydb: + image: mariadb:10.5 + volumes: + - db_data:/var/lib/mysql + networks: + bw-services: + aliases: + - mydb + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=moodle + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD) + - MARIADB_CHARACTER_SET=utf8mb4 + - MARIADB_COLLATE=utf8mb4_unicode_ci + +networks: + bw-services: + external: + name: bw-services + +volumes: + db_data: + moodle_files: + moodle_data: \ No newline at end of file diff --git a/examples/nextcloud/setup.sh b/examples/moodle/cleanup-kubernetes.sh similarity index 63% rename from examples/nextcloud/setup.sh rename to examples/moodle/cleanup-kubernetes.sh index 556099fb8..bf59792f1 100755 --- a/examples/nextcloud/setup.sh +++ b/examples/moodle/cleanup-kubernetes.sh @@ -5,5 +5,4 @@ if [ $(id -u) -ne 0 ] ; then exit 1 fi -chown -R root:101 bw-data -chmod -R 770 bw-data \ No newline at end of file +helm delete moodle \ No newline at end of file diff --git a/examples/moodle/kubernetes.yml b/examples/moodle/kubernetes.yml new file mode 100644 index 000000000..749cdb738 --- /dev/null +++ b/examples/moodle/kubernetes.yml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ingress + annotations: + bunkerweb.io/AUTO_LETS_ENCRYPT: "yes" +spec: + rules: + - host: www.example.com + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: moodle + port: + number: 8443 \ No newline at end of file diff --git a/examples/moodle/moodle-chart-values.yml b/examples/moodle/moodle-chart-values.yml new file mode 100644 index 000000000..a0560d710 --- /dev/null +++ b/examples/moodle/moodle-chart-values.yml @@ -0,0 +1,4 @@ +moodleSiteName: "My Moodle" +moodleUsername: "admin" +moodlePassword: "changeme42" +moodleEmail: "admin@example.com" \ No newline at end of file diff --git a/examples/moodle/setup-kubernetes.sh b/examples/moodle/setup-kubernetes.sh new file mode 100755 index 000000000..d3c41416b --- /dev/null +++ b/examples/moodle/setup-kubernetes.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +helm repo add bitnami https://charts.bitnami.com/bitnami +helm install -f moodle-chart-values.yml moodle bitnami/moodle \ No newline at end of file diff --git a/examples/moodle/swarm.yml b/examples/moodle/swarm.yml new file mode 100644 index 000000000..4d0aa0ca8 --- /dev/null +++ b/examples/moodle/swarm.yml @@ -0,0 +1,59 @@ +version: '3' + +services: + + mymoodle: + image: bitnami/moodle:latest + networks: + - bw-services + depends_on: + - mydb + volumes: + - moodle_files:/bitnami/moodle + - moodle_data:/bitnami/moodledata + environment: + - MOODLE_USERNAME=admin # replace with your moodle admin username + - MOODLE_PASSWORD=password # replace with your moodle admin password + - MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email + - MOODLE_SITE_NAME=My Moodle # replace with your moodle site name + - MOODLE_DATABASE_HOST=mydb + - MOODLE_DATABASE_NAME=moodle + - MOODLE_DATABASE_USER=user + - MOODLE_DATABASE_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=https://mymoodle:8443 + + mydb: + image: mariadb:10.5 + volumes: + - db_data:/var/lib/mysql + networks: + - bw-services + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=moodle + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD) + - MARIADB_CHARACTER_SET=utf8mb4 + - MARIADB_COLLATE=utf8mb4_unicode_ci + deploy: + placement: + constraints: + - "node.role==worker" + +networks: + bw-services: + external: + name: bw-services + +volumes: + db_data: + moodle_files: + moodle_data: \ No newline at end of file diff --git a/examples/moodle/tests.json b/examples/moodle/tests.json new file mode 100644 index 000000000..b902d0bf0 --- /dev/null +++ b/examples/moodle/tests.json @@ -0,0 +1,17 @@ +{ + "name": "moodle", + "kinds": [ + "docker", + "autoconf", + "swarm", + "kubernetes" + ], + "timeout": 300, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "moodle" + } + ] +} \ No newline at end of file diff --git a/examples/nextcloud/autoconf.yml b/examples/nextcloud/autoconf.yml new file mode 100644 index 000000000..5cb1cb184 --- /dev/null +++ b/examples/nextcloud/autoconf.yml @@ -0,0 +1,57 @@ +version: '3' + +services: + + mync: + image: nextcloud:stable-apache + volumes: + - ./nc-files:/var/www/html + networks: + bw-services: + aliases: + - mync + environment: + - MYSQL_HOST=mydb + - MYSQL_DATABASE=nc + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - NEXTCLOUD_ADMIN_USER=admin # replace with the admin username + - NEXTCLOUD_ADMIN_PASSWORD=changeme # replace with a stronger password + - NEXTCLOUD_TRUSTED_DOMAINS=www.example.com # replace with your domain(s) + - TRUSTED_PROXIES=192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 + - APACHE_DISABLE_REWRITE_IP=1 + labels: + - bunkerweb.SERVER_NAME=www.example.com # replace with your domain + - bunkerweb.MAX_CLIENT_SIZE=10G + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|COPY|DELETE|LOCK|MKCOL|MOVE|PROPFIND|PROPPATCH|PUT|UNLOCK|OPTIONS + - bunkerweb.X_FRAME_OPTIONS=SAMEORIGIN + - bunkerweb.BAD_BEHAVIOR_STATUS_CODES=400 401 403 405 444 + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://mync + - bunkerweb.LIMIT_REQ_URL_1=/apps + - bunkerweb.LIMIT_REQ_RATE_1=5r/s + - bunkerweb.LIMIT_REQ_URL_2=/apps/text/session/sync + - bunkerweb.LIMIT_REQ_RATE_2=8r/s + - bunkerweb.LIMIT_REQ_URL_3=/core/preview + - bunkerweb.LIMIT_REQ_RATE_3=5r/s + + mydb: + image: mariadb + command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW + volumes: + - ./db-data:/var/lib/mysql + networks: + bw-services: + aliases: + - mydb + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=nc + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + +networks: + bw-services: + external: + name: bw-services \ No newline at end of file diff --git a/examples/nextcloud/cleanup-kubernetes.sh b/examples/nextcloud/cleanup-kubernetes.sh new file mode 100755 index 000000000..f2410c85b --- /dev/null +++ b/examples/nextcloud/cleanup-kubernetes.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +helm delete nextcloud \ No newline at end of file diff --git a/examples/nextcloud/docker-compose.yml b/examples/nextcloud/docker-compose.yml index 117942244..cf47c127b 100644 --- a/examples/nextcloud/docker-compose.yml +++ b/examples/nextcloud/docker-compose.yml @@ -26,7 +26,6 @@ services: - X_FRAME_OPTIONS=SAMEORIGIN - USE_GZIP=yes - BAD_BEHAVIOR_STATUS_CODES=400 401 403 405 444 - - WHITELIST_USER_AGENT=WebDAV - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - REVERSE_PROXY_HOST=http://mync diff --git a/examples/nextcloud/kubernetes.yml b/examples/nextcloud/kubernetes.yml new file mode 100644 index 000000000..d2ba5d6f4 --- /dev/null +++ b/examples/nextcloud/kubernetes.yml @@ -0,0 +1,28 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: ingress + annotations: + bunkerweb.io/AUTO_LETS_ENCRYPT: "yes" + bunkerweb.io/www.example.com_MAX_CLIENT_SIZE: "10G" + bunkerweb.io/www.example.com_ALLOWED_METHODS: "GET|POST|HEAD|COPY|DELETE|LOCK|MKCOL|MOVE|PROPFIND|PROPPATCH|PUT|UNLOCK|OPTIONS" + bunkerweb.io/www.example.com_X_FRAME_OPTIONS: "SAMEORIGIN" + bunkerweb.io/www.example.com_BAD_BEHAVIOR_STATUS_CODES: "400 401 403 405 444" + bunkerweb.io/www.example.com_LIMIT_REQ_URL_1: "/apps" + bunkerweb.io/www.example.com_LIMIT_REQ_RATE_1: "5r/s" + bunkerweb.io/www.example.com_LIMIT_REQ_URL_2: "/apps/text/session/sync" + bunkerweb.io/www.example.com_LIMIT_REQ_RATE_2: "8r/s" + bunkerweb.io/www.example.com_LIMIT_REQ_URL_3: "/core/preview" + bunkerweb.io/www.example.com_LIMIT_REQ_RATE_3: "5r/s" +spec: + rules: + - host: www.example.com + http: + paths: + path: / + pathType: Prefix + backend: + service: + name: nextcloud + port: + number: 8080 \ No newline at end of file diff --git a/examples/nextcloud/nextcloud-chart-values.yml b/examples/nextcloud/nextcloud-chart-values.yml new file mode 100644 index 000000000..ad0645977 --- /dev/null +++ b/examples/nextcloud/nextcloud-chart-values.yml @@ -0,0 +1,8 @@ +phpClientHttpsFix: + enabled: true + protocol: https + +nextcloud: + host: www.example.com + username: user + password: changeme42 \ No newline at end of file diff --git a/examples/nextcloud/setup-kubernetes.sh b/examples/nextcloud/setup-kubernetes.sh new file mode 100755 index 000000000..cbe163b3e --- /dev/null +++ b/examples/nextcloud/setup-kubernetes.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +helm repo add nextcloud https://nextcloud.github.io/helm/ +helm install -f nextcloud-chart-values.yml nextcloud nextcloud/nextcloud \ No newline at end of file diff --git a/examples/nextcloud/setup-swarm.sh b/examples/nextcloud/setup-swarm.sh new file mode 100755 index 000000000..ea24da443 --- /dev/null +++ b/examples/nextcloud/setup-swarm.sh @@ -0,0 +1,15 @@ +#!/bin/bash + +# docker-compose doesn't support assigning labels to configs +# so we need to create the configs with the CLI +# bunkerweb.CONFIG_TYPE accepted values are http, stream, server-http, server-stream, default-server-http, modsec and modsec-crs +# bunkerweb.CONFIG_SITE lets you choose on which web service the config should be applied (MULTISITE mode) and if it's not set, the config will be applied for all services +# more info at https://docs.bunkerweb.io + +# remove configs if existing +docker config rm cfg_nextcloud_modsec +docker config rm cfg_nextcloud_modsec_crs + +# create configs +docker config create -l bunkerweb.CONFIG_TYPE=modsec cfg_nextcloud_modsec -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec/nextcloud.conf +docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs cfg_nextcloud_modsec_crs -l bunkerweb.CONFIG_SITE=www.example.com ./bw-data/configs/modsec-crs/nextcloud.conf \ No newline at end of file diff --git a/examples/nextcloud/swarm.yml b/examples/nextcloud/swarm.yml new file mode 100644 index 000000000..00edb8de2 --- /dev/null +++ b/examples/nextcloud/swarm.yml @@ -0,0 +1,65 @@ +version: '3' + +services: + + mync: + image: nextcloud:stable-apache + volumes: + - nc_files:/var/www/html + networks: + - bw-services + environment: + - MYSQL_HOST=mydb + - MYSQL_DATABASE=nc + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - NEXTCLOUD_ADMIN_USER=admin # replace with the admin username + - NEXTCLOUD_ADMIN_PASSWORD=changeme # replace with a stronger password + - NEXTCLOUD_TRUSTED_DOMAINS=www.example.com # replace with your domain(s) + - TRUSTED_PROXIES=192.168.0.0/16 172.16.0.0/12 10.0.0.0/8 + - APACHE_DISABLE_REWRITE_IP=1 + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - bunkerweb.SERVER_NAME=www.example.com # replace with your domain + - bunkerweb.MAX_CLIENT_SIZE=10G + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|COPY|DELETE|LOCK|MKCOL|MOVE|PROPFIND|PROPPATCH|PUT|UNLOCK|OPTIONS + - bunkerweb.X_FRAME_OPTIONS=SAMEORIGIN + - bunkerweb.BAD_BEHAVIOR_STATUS_CODES=400 401 403 405 444 + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://mync + - bunkerweb.LIMIT_REQ_URL_1=/apps + - bunkerweb.LIMIT_REQ_RATE_1=5r/s + - bunkerweb.LIMIT_REQ_URL_2=/apps/text/session/sync + - bunkerweb.LIMIT_REQ_RATE_2=8r/s + - bunkerweb.LIMIT_REQ_URL_3=/core/preview + - bunkerweb.LIMIT_REQ_RATE_3=5r/s + + mydb: + image: mariadb + command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW + volumes: + - db_data:/var/lib/mysql + networks: + - bw-services + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=nc + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + deploy: + placement: + constraints: + - "node.role==worker" + +networks: + bw-services: + external: + name: bw-services + +volumes: + nc_files: + db_data: \ No newline at end of file diff --git a/examples/nextcloud/tests.json b/examples/nextcloud/tests.json new file mode 100644 index 000000000..b9ef042ff --- /dev/null +++ b/examples/nextcloud/tests.json @@ -0,0 +1,17 @@ +{ + "name": "nextcloud", + "kinds": [ + "docker", + "autoconf", + "swarm", + "kubernetes" + ], + "timeout": 120, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "nextcloud" + } + ] +} \ No newline at end of file diff --git a/examples/passbolt/autoconf.yml b/examples/passbolt/autoconf.yml new file mode 100644 index 000000000..cf9c2c029 --- /dev/null +++ b/examples/passbolt/autoconf.yml @@ -0,0 +1,45 @@ +version: '3' + +services: + + # you will need to add a user by hand + # example : docker-compose exec mypassbolt su -m -c "bin/cake passbolt register_user -u your@email.com -f yourname -l surname -r admin" -s /bin/sh www-data + # more info at https://github.com/passbolt/passbolt_docker + mypassbolt: + image: passbolt/passbolt + command: ["/usr/bin/wait-for.sh", "-t", "0", "mydb:3306", "--", "/docker-entrypoint.sh"] + networks: + bw-services: + aliases: + - mypassbolt + environment: + - DATASOURCES_DEFAULT_HOST=mydb + - DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - DATASOURCES_DEFAULT_USERNAME=user + - DATASOURCES_DEFAULT_DATABASE=passbolt + - APP_FULL_BASE_URL=https://www.example.com # replace with your URL + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|PUT|DELETE + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=https://mypassbolt + + mydb: + image: mariadb + volumes: + - ./db-data:/var/lib/mysql + networks: + bw-services: + aliases: + - mydb + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=passbolt + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD) + +networks: + bw-services: + external: + name: bw-services \ No newline at end of file diff --git a/examples/passbolt/swarm.yml b/examples/passbolt/swarm.yml new file mode 100644 index 000000000..b8691b51e --- /dev/null +++ b/examples/passbolt/swarm.yml @@ -0,0 +1,52 @@ +version: '3' + +services: + + # you will need to add a user by hand + # example : docker-compose exec mypassbolt su -m -c "bin/cake passbolt register_user -u your@email.com -f yourname -l surname -r admin" -s /bin/sh www-data + # more info at https://github.com/passbolt/passbolt_docker + mypassbolt: + image: passbolt/passbolt + command: ["/usr/bin/wait-for.sh", "-t", "0", "mydb:3306", "--", "/docker-entrypoint.sh"] + networks: + - bw-services + environment: + - DATASOURCES_DEFAULT_HOST=mydb + - DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - DATASOURCES_DEFAULT_USERNAME=user + - DATASOURCES_DEFAULT_DATABASE=passbolt + - APP_FULL_BASE_URL=https://www.example.com # replace with your URL + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|PUT|DELETE + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=https://mypassbolt + + mydb: + image: mariadb + volumes: + - db_data:/var/lib/mysql + networks: + - bw-services + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=passbolt + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD) + deploy: + placement: + constraints: + - "node.role==worker" + +networks: + bw-services: + external: + name: bw-services + +volumes: + db_data: \ No newline at end of file diff --git a/examples/passbolt/tests.json b/examples/passbolt/tests.json new file mode 100644 index 000000000..212c28190 --- /dev/null +++ b/examples/passbolt/tests.json @@ -0,0 +1,16 @@ +{ + "name": "passbolt", + "kinds": [ + "docker", + "autoconf", + "swarm" + ], + "timeout": 120, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "passbolt" + } + ] +} \ No newline at end of file diff --git a/examples/php-multisite/autoconf.yml b/examples/php-multisite/autoconf.yml new file mode 100644 index 000000000..1e19ffbae --- /dev/null +++ b/examples/php-multisite/autoconf.yml @@ -0,0 +1,43 @@ +version: '3' + +services: + + myapp1: + image: php:fpm + # ⚠️ UID and GID of mywww (101:101) and php:fpm (33:33) are not the same ⚠️ + # but both needs access to the files and folders of web-files + # don't forget to edit the permissions of the files and folders accordingly + # example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \; + volumes: + - ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it) + networks: + bw-services: + aliases: + - myapp1 + labels: + - bunkerweb.SERVER_NAME=app1.example.com + - bunkerweb.REMOTE_PHP=myapp1 + - bunkerweb.REMOTE_PHP_PATH=/app + + myapp2: + image: php:fpm + # ⚠️ UID and GID of bunkerweb (101:101) and php:fpm (33:33) are not the same ⚠️ + # but both needs access to the files and folders of web-files + # don't forget to edit the permissions of the files and folders accordingly + # example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \; + volumes: + - ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it) + networks: + bw-services: + aliases: + - myapp2 + labels: + - bunkerweb.SERVER_NAME=app2.example.com + - bunkerweb.REMOTE_PHP=myapp2 + - bunkerweb.REMOTE_PHP_PATH=/app + + +networks: + bw-services: + external: + name: bw-services \ No newline at end of file diff --git a/examples/php-multisite/setup.sh b/examples/php-multisite/setup-autoconf.sh similarity index 62% rename from examples/php-multisite/setup.sh rename to examples/php-multisite/setup-autoconf.sh index feea1a687..8bc8b988a 100755 --- a/examples/php-multisite/setup.sh +++ b/examples/php-multisite/setup-autoconf.sh @@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then exit 1 fi -chown -R root:101 bw-data -chmod -R 770 bw-data chown -R 33:101 ./bw-data/www find ./bw-data/www -type f -exec chmod 0640 {} \; -find ./bw-data/www -type d -exec chmod 0750 {} \; \ No newline at end of file +find ./bw-data/www -type d -exec chmod 0750 {} \; diff --git a/examples/php-singlesite/setup.sh b/examples/php-multisite/setup-docker.sh similarity index 62% rename from examples/php-singlesite/setup.sh rename to examples/php-multisite/setup-docker.sh index feea1a687..8bc8b988a 100755 --- a/examples/php-singlesite/setup.sh +++ b/examples/php-multisite/setup-docker.sh @@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then exit 1 fi -chown -R root:101 bw-data -chmod -R 770 bw-data chown -R 33:101 ./bw-data/www find ./bw-data/www -type f -exec chmod 0640 {} \; -find ./bw-data/www -type d -exec chmod 0750 {} \; \ No newline at end of file +find ./bw-data/www -type d -exec chmod 0750 {} \; diff --git a/examples/php-multisite/tests.json b/examples/php-multisite/tests.json new file mode 100644 index 000000000..f4380f929 --- /dev/null +++ b/examples/php-multisite/tests.json @@ -0,0 +1,20 @@ +{ + "name": "php-multisite", + "kinds": [ + "docker", + "autoconf" + ], + "timeout": 60, + "tests": [ + { + "type": "string", + "url": "https://app1.example.com", + "string": "app1" + }, + { + "type": "string", + "url": "https://app2.example.com", + "string": "app2" + } + ] +} \ No newline at end of file diff --git a/examples/php-singlesite/setup-docker.sh b/examples/php-singlesite/setup-docker.sh new file mode 100755 index 000000000..8bc8b988a --- /dev/null +++ b/examples/php-singlesite/setup-docker.sh @@ -0,0 +1,10 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +chown -R 33:101 ./bw-data/www +find ./bw-data/www -type f -exec chmod 0640 {} \; +find ./bw-data/www -type d -exec chmod 0750 {} \; diff --git a/examples/php-singlesite/tests.json b/examples/php-singlesite/tests.json new file mode 100644 index 000000000..8929aeae5 --- /dev/null +++ b/examples/php-singlesite/tests.json @@ -0,0 +1,14 @@ +{ + "name": "php-singlesite", + "kinds": [ + "docker" + ], + "timeout": 60, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "hello" + } + ] +} \ No newline at end of file diff --git a/examples/prestashop/autoconf.yml b/examples/prestashop/autoconf.yml new file mode 100644 index 000000000..85588b73f --- /dev/null +++ b/examples/prestashop/autoconf.yml @@ -0,0 +1,48 @@ +version: '3' + +services: + + myps: + image: prestashop/prestashop:1.7 + volumes: + - ./ps-data:/var/www/html + networks: + bw-services: + aliases: + - myps + environment: + - DB_SERVER=mydb + - DB_USER=user + - DB_PASSWD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - DB_PREFIX=prefix_ # replace with a random prefix (good security practice) + - DB_NAME=prestashop + - PS_ENABLE_SSL=1 + - ADMIN_MAIL=admin@example.com # change to the prestashop admin email + - ADMIN_PASSWD=changeme # change to the prestashop admin password + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.MAX_CLIENT_SIZE=50m + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://myps + - bunkerweb.LIMIT_REQ_URL_1=/install/index.php + - bunkerweb.LIMIT_REQ_RATE_1=8r/s + + mydb: + image: mariadb + volumes: + - ./db-data:/var/lib/mysql + networks: + bw-services: + aliases: + - mydb + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=prestashop + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DB_PASSWD) + +networks: + bw-services: + external: + name: bw-services \ No newline at end of file diff --git a/examples/prestashop/cleanup-kubernetes.sh b/examples/prestashop/cleanup-kubernetes.sh new file mode 100755 index 000000000..45acc705b --- /dev/null +++ b/examples/prestashop/cleanup-kubernetes.sh @@ -0,0 +1,8 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +helm delete prestashop \ No newline at end of file diff --git a/examples/prestashop/prestashop-chart-values.yml b/examples/prestashop/prestashop-chart-values.yml new file mode 100644 index 000000000..8eebe767f --- /dev/null +++ b/examples/prestashop/prestashop-chart-values.yml @@ -0,0 +1,8 @@ +prestashopHost: "https://www.example.com" +prestashopUsername: "user@example.com" +prestashopPassword: "changeme42" +prestashopEmail: "user@example.com" +prestashopFirstName: "Prestashop" +prestashopLastName: "User" +prestashopCountry: "us" +prestashopLanguage: "en" \ No newline at end of file diff --git a/examples/prestashop/setup-kubernetes.sh b/examples/prestashop/setup-kubernetes.sh new file mode 100755 index 000000000..52856a84c --- /dev/null +++ b/examples/prestashop/setup-kubernetes.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +if [ $(id -u) -ne 0 ] ; then + echo "❌ Run me as root" + exit 1 +fi + +helm repo add bitnami https://charts.bitnami.com/bitnami +helm install -f prestashop-chart-values.yml prestashop bitnami/prestashop \ No newline at end of file diff --git a/examples/prestashop/swarm.yml b/examples/prestashop/swarm.yml new file mode 100644 index 000000000..1fe69917f --- /dev/null +++ b/examples/prestashop/swarm.yml @@ -0,0 +1,56 @@ +version: '3' + +services: + + myps: + image: prestashop/prestashop:1.7 + volumes: + - ps_data:/var/www/html + networks: + - bw-services + environment: + - DB_SERVER=mydb + - DB_USER=user + - DB_PASSWD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD) + - DB_PREFIX=prefix_ # replace with a random prefix (good security practice) + - DB_NAME=prestashop + - PS_ENABLE_SSL=1 + - ADMIN_MAIL=admin@example.com # change to the prestashop admin email + - ADMIN_PASSWD=changeme # change to the prestashop admin password + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.MAX_CLIENT_SIZE=50m + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://myps + - bunkerweb.LIMIT_REQ_URL_1=/install/index.php + - bunkerweb.LIMIT_REQ_RATE_1=8r/s + + mydb: + image: mariadb + volumes: + - db_data:/var/lib/mysql + networks: + - bw-services + environment: + - MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password + - MYSQL_DATABASE=prestashop + - MYSQL_USER=user + - MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DB_PASSWD) + deploy: + placement: + constraints: + - "node.role==worker" + +networks: + bw-services: + external: + name: bw-services + +volumes: + ps_data: + db_data: \ No newline at end of file diff --git a/examples/prestashop/tests.json b/examples/prestashop/tests.json new file mode 100644 index 000000000..37965cb08 --- /dev/null +++ b/examples/prestashop/tests.json @@ -0,0 +1,17 @@ +{ + "name": "prestashop", + "kinds": [ + "docker", + "autoconf", + "swarm", + "kubernetes" + ], + "timeout": 120, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "prestashop" + } + ] +} \ No newline at end of file diff --git a/examples/proxy-protocol/tests.json b/examples/proxy-protocol/tests.json new file mode 100644 index 000000000..ab9f43f9e --- /dev/null +++ b/examples/proxy-protocol/tests.json @@ -0,0 +1,14 @@ +{ + "name": "proxy-protocol", + "kinds": [ + "docker" + ], + "timeout": 60, + "tests": [ + { + "type": "string", + "url": "http://www.example.com", + "string": "hello" + } + ] +} \ No newline at end of file diff --git a/examples/radarr/autoconf.yml b/examples/radarr/autoconf.yml new file mode 100644 index 000000000..ffbfa8cae --- /dev/null +++ b/examples/radarr/autoconf.yml @@ -0,0 +1,38 @@ +version: '3.5' + +services: + + radarr: + image: lscr.io/linuxserver/radarr:latest + networks: + bw-services: + aliases: + - radarr + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/London + volumes: + - ./config:/config + - ./movies:/movies #optional + - ./downloads:/downloads #optional + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.MAX_CLIENT_SIZE=50m + # Methods used by the radarr API + # more info at https://radarr.video/docs/api/ + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|DELETE|PUT + # Proxy requests to radarr + # websocket is needed + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://radarr:7878 + - bunkerweb.REVERSE_PROXY_WS=yes + # Increase request rate for API endpoints + - bunkerweb.LIMIT_REQ_URL_1=^/api/ + - bunkerweb.LIMIT_REQ_RATE_1=10r/s + +networks: + bw-services: + external: + name: bw-services \ No newline at end of file diff --git a/examples/radarr/swarm.yml b/examples/radarr/swarm.yml new file mode 100644 index 000000000..9e1032035 --- /dev/null +++ b/examples/radarr/swarm.yml @@ -0,0 +1,45 @@ +version: '3.5' + +services: + + radarr: + image: lscr.io/linuxserver/radarr:latest + networks: + - bw-services + environment: + - PUID=1000 + - PGID=1000 + - TZ=Europe/London + volumes: + - rr_config:/config + - rr_movies:/movies #optional + - rr_downloads:/downloads #optional + deploy: + placement: + constraints: + - "node.role==worker" + labels: + - bunkerweb.SERVER_NAME=www.example.com + - bunkerweb.MAX_CLIENT_SIZE=50m + # Methods used by the radarr API + # more info at https://radarr.video/docs/api/ + - bunkerweb.ALLOWED_METHODS=GET|POST|HEAD|DELETE|PUT + # Proxy requests to radarr + # websocket is needed + - bunkerweb.USE_REVERSE_PROXY=yes + - bunkerweb.REVERSE_PROXY_URL=/ + - bunkerweb.REVERSE_PROXY_HOST=http://radarr:7878 + - bunkerweb.REVERSE_PROXY_WS=yes + # Increase request rate for API endpoints + - bunkerweb.LIMIT_REQ_URL_1=^/api/ + - bunkerweb.LIMIT_REQ_RATE_1=10r/s + +networks: + bw-services: + external: + name: bw-services + +volumes: + rr_config: + rr_downloads: + rr_movies: \ No newline at end of file diff --git a/examples/radarr/tests.json b/examples/radarr/tests.json new file mode 100644 index 000000000..27fc899bf --- /dev/null +++ b/examples/radarr/tests.json @@ -0,0 +1,16 @@ +{ + "name": "radarr", + "kinds": [ + "docker", + "autoconf", + "swarm" + ], + "timeout": 60, + "tests": [ + { + "type": "string", + "url": "https://www.example.com", + "string": "radarr" + } + ] +} \ No newline at end of file