Add tests for 1.6 + update core tests according to the new stack

Théophile Diot 2024-06-24 16:46:40 +01:00
parent 761dfb807d
commit 9e58d0bb1e
No known key found for this signature in database
GPG key ID: FA995104A0BA376A
70 changed files with 723 additions and 992 deletions

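--- /dev/null
+++ b/.github/workflows/1.6.yml
@@ -0,0 +1,243 @@
+name: Automatic tests (DEV)
+permissions: read-all
+on:
+push:
+branches: [1.6]
+jobs:
+# Containers
+build-containers:
+permissions:
+contents: read
+packages: write
+strategy:
+fail-fast: false
+matrix:
+image: [bunkerweb, scheduler, autoconf, ui]
+include:
+- image: bunkerweb
+dockerfile: src/bw/Dockerfile
+- image: scheduler
+dockerfile: src/scheduler/Dockerfile
+- image: autoconf
+dockerfile: src/autoconf/Dockerfile
+- image: ui
+dockerfile: src/ui/Dockerfile
+uses: ./.github/workflows/container-build.yml
+with:
+RELEASE: 1.6
+ARCH: linux/amd64
+CACHE: true
+IMAGE: ${{ matrix.image }}
+DOCKERFILE: ${{ matrix.dockerfile }}
+secrets:
+DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+# Build Linux packages
+build-packages:
+permissions:
+contents: read
+packages: write
+strategy:
+matrix:
+linux: [ubuntu, debian, fedora, rhel, rhel9, ubuntu-jammy]
+include:
+- linux: ubuntu
+package: deb
+- linux: ubuntu-jammy
+package: deb
+- linux: debian
+package: deb
+- linux: fedora
+package: rpm
+- linux: rhel
+package: rpm
+- linux: rhel9
+package: rpm
+uses: ./.github/workflows/linux-build.yml
+with:
+RELEASE: 1.6
+LINUX: ${{ matrix.linux }}
+PACKAGE: ${{ matrix.package }}
+TEST: true
+PLATFORMS: linux/amd64
+secrets:
+DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }}
+DOCKER_TOKEN: ${{ secrets.DOCKER_TOKEN }}
+codeql:
+uses: ./.github/workflows/codeql.yml
+permissions:
+actions: read
+contents: read
+security-events: write
+# UI tests
+prepare-tests-ui:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout repository
+uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+- id: set-matrix
+run: |
+tests=$(find ./tests/ui/ -name "*_page.py" -type f -printf "%f\n" | jq -c --raw-input --slurp 'split("\n")| .[0:-1]')
+echo "tests=$tests" >> $GITHUB_OUTPUT
+outputs:
+tests: ${{ steps.set-matrix.outputs.tests }}
+tests-ui:
+needs: [prepare-tests-ui, build-containers]
+strategy:
+fail-fast: false
+matrix:
+test: ${{ fromJson(needs.prepare-tests-ui.outputs.tests) }}
+uses: ./.github/workflows/tests-ui.yml
+with:
+TEST: ${{ matrix.test }}
+RELEASE: 1.6
+tests-ui-linux:
+needs: [prepare-tests-ui, build-packages]
+strategy:
+fail-fast: false
+matrix:
+test: ${{ fromJson(needs.prepare-tests-ui.outputs.tests) }}
+uses: ./.github/workflows/tests-ui-linux.yml
+with:
+TEST: ${{ matrix.test }}
+RELEASE: 1.6
+# Core tests
+prepare-tests-core:
+runs-on: ubuntu-latest
+steps:
+- name: Checkout repository
+uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+- id: set-matrix
+run: |
+tests=$(find ./tests/core/ -maxdepth 1 -mindepth 1 -type d -printf "%f\n" | jq -c --raw-input --slurp 'split("\n")| .[0:-1]')
+echo "tests=$tests" >> $GITHUB_OUTPUT
+outputs:
+tests: ${{ steps.set-matrix.outputs.tests }}
+tests-core:
+needs: [build-containers, prepare-tests-core]
+strategy:
+fail-fast: false
+matrix:
+test: ${{ fromJson(needs.prepare-tests-core.outputs.tests) }}
+uses: ./.github/workflows/test-core.yml
+with:
+TEST: ${{ matrix.test }}
+RELEASE: 1.6
+tests-core-linux:
+needs: [build-packages, prepare-tests-core]
+strategy:
+fail-fast: false
+matrix:
+test: ${{ fromJson(needs.prepare-tests-core.outputs.tests) }}
+uses: ./.github/workflows/test-core-linux.yml
+with:
+TEST: ${{ matrix.test }}
+RELEASE: 1.6
+secrets: inherit
+# Push with 1.6 tag
+push-1.6:
+needs: [tests-ui, tests-core]
+runs-on: ubuntu-latest
+permissions:
+contents: read
+packages: write
+steps:
+- name: Login to Docker Hub
+uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+with:
+username: ${{ secrets.DOCKER_USERNAME }}
+password: ${{ secrets.DOCKER_TOKEN }}
+- name: Login to ghcr
+uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+with:
+registry: ghcr.io
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+- name: Push BW image
+run: docker pull ghcr.io/bunkerity/$FROM-tests:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 bunkerity/$TO:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 ghcr.io/bunkerity/$TO:1.6 && docker push bunkerity/$TO:1.6 && docker push ghcr.io/bunkerity/$TO:1.6
+env:
+FROM: "bunkerweb"
+TO: "bunkerweb"
+- name: Push scheduler image
+run: docker pull ghcr.io/bunkerity/$FROM-tests:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 bunkerity/$TO:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 ghcr.io/bunkerity/$TO:1.6 && docker push bunkerity/$TO:1.6 && docker push ghcr.io/bunkerity/$TO:1.6
+env:
+FROM: "scheduler"
+TO: "bunkerweb-scheduler"
+- name: Push UI image
+run: docker pull ghcr.io/bunkerity/$FROM-tests:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 bunkerity/$TO:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 ghcr.io/bunkerity/$TO:1.6 && docker push bunkerity/$TO:1.6 && docker push ghcr.io/bunkerity/$TO:1.6
+env:
+FROM: "ui"
+TO: "bunkerweb-ui"
+- name: Push autoconf image
+run: docker pull ghcr.io/bunkerity/$FROM-tests:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 bunkerity/$TO:1.6 && docker tag ghcr.io/bunkerity/$FROM-tests:1.6 ghcr.io/bunkerity/$TO:1.6 && docker push bunkerity/$TO:1.6 && docker push ghcr.io/bunkerity/$TO:1.6
+env:
+FROM: "autoconf"
+TO: "bunkerweb-autoconf"
+# Push Linux packages
+push-packages:
+needs: [tests-ui-linux, tests-core-linux]
+strategy:
+matrix:
+linux: [ubuntu, debian, fedora, el, el9, ubuntu-jammy]
+arch: [amd64]
+include:
+- release: 1.6
+repo: bunkerweb
+- linux: ubuntu
+package_arch: amd64
+separator: _
+suffix: ""
+version: noble
+package: deb
+- linux: debian
+package_arch: amd64
+separator: _
+suffix: ""
+version: bookworm
+package: deb
+- linux: fedora
+package_arch: x86_64
+separator: "-"
+suffix: "1."
+version: 40
+package: rpm
+- linux: el
+package_arch: x86_64
+separator: "-"
+suffix: "1."
+version: 8
+package: rpm
+- linux: el9
+package_arch: x86_64
+separator: "-"
+suffix: "1."
+version: 9
+package: rpm
+- linux: ubuntu-jammy
+package_arch: amd64
+separator: _
+suffix: ""
+version: jammy
+package: deb
+uses: ./.github/workflows/push-packagecloud.yml
+with:
+SEPARATOR: ${{ matrix.separator }}
+SUFFIX: ${{ matrix.suffix }}
+REPO: ${{ matrix.repo }}
+LINUX: ${{ matrix.linux }}
+VERSION: ${{ matrix.version }}
+PACKAGE: ${{ matrix.package }}
+BW_VERSION: ${{ matrix.release }}
+PACKAGE_ARCH: ${{ matrix.package_arch }}
+ARCH: ${{ matrix.arch }}
+secrets:
+PACKAGECLOUD_TOKEN: ${{ secrets.PACKAGECLOUD_TOKEN }}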
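Review bot: `secrets: inherit` on the `tests-core-linux` job hands every secret this workflow can see to test-core-linux.yml, while the other calls that pass secrets name them one by one (`DOCKER_USERNAME`, `DOCKER_TOKEN`, `PACKAGECLOUD_TOKEN`). A job that runs the test suite should not receive the registry and package-publishing tokens unless it reads them; replace the line with an explicit mapping, `secrets:` followed by `<NEEDED_SECRET>: ${{ secrets.<NEEDED_SECRET> }}` (placeholder, the called workflow is not visible here). Separately, `RELEASE: 1.6` and `release: 1.6` are unquoted and parse as floats; writing `"1.6"` keeps the `inputs.RELEASE == '1.6'` string comparisons in the called workflows independent of number formatting, which matters as soon as a branch like 1.10 exists.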


@ -49,6 +49,9 @@ jobs:
- name: Replace VERSION
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev'
run: ./misc/update-version.sh ${{ inputs.RELEASE }}
- name: Replace VERSION 1.6
if: inputs.RELEASE == '1.6'
run: ./misc/update-version.sh dev
- name: Setup SSH for ARM node
if: inputs.CACHE_SUFFIX == 'arm'
run: |
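Review bot: The added `Replace VERSION 1.6` step passes the literal `dev` to `./misc/update-version.sh` when `inputs.RELEASE == '1.6'`, and nothing in the step says why a 1.6 build is stamped with the dev version. A one-line comment above the step, for example `# 1.6 branch builds are stamped with the dev version string`, would keep a later reader from "correcting" it to the release name; confirm the wording against the actual intent. The same step is added in the next workflow's hunk at `@ -41,6 +41,9 @`, and the step list continues outside both hunks.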


@ -41,6 +41,9 @@ jobs:
- name: Replace VERSION
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui'
run: ./misc/update-version.sh ${{ inputs.RELEASE }}
- name: Replace VERSION 1.6
if: inputs.RELEASE == '1.6'
run: ./misc/update-version.sh dev
- name: Extract arch
run: |
echo "ARCH=${{ env.PLATFORMS }}" | sed 's/linux//g' | sed 's@/@@g' >> "$GITHUB_ENV"
@ -93,7 +96,7 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}
# Build testing package image
- name: Build package image
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui'
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui' || inputs.RELEASE == '1.6'
uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
with:
context: .
@ -105,7 +108,7 @@ jobs:
cache-to: type=gha,scope=${{ inputs.LINUX }}-${{ inputs.RELEASE }},mode=min
# Build non-testing package image
- name: Build package image
if: inputs.RELEASE != 'testing' && inputs.RELEASE != 'dev'
if: inputs.RELEASE != 'testing' && inputs.RELEASE != 'dev' && inputs.RELEASE != 'ui' && inputs.RELEASE != '1.6'
uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0
with:
context: .
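Review bot: The two `Build package image` steps are selected by hand-written conditions that have to stay exact complements, and as rendered the old pair had already drifted: the negative condition lacked `'ui'`, so a `ui` build satisfied both steps until this change. Keeping the list in one expression avoids a repeat when the next release branch is added, e.g. `if: contains(fromJSON('["testing","dev","ui","1.6"]'), inputs.RELEASE)` on the testing step and `if: ${{ !contains(fromJSON('["testing","dev","ui","1.6"]'), inputs.RELEASE) }}` on the other. Both steps continue outside their hunks.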


@ -71,7 +71,7 @@ jobs:
sudo apt update
sudo -E apt install -y nginx=1.26.1-2~noble
- name: Fix version without a starting number
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev'
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == '1.6'
run: echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg
- name: Edit configuration files
run: |
@ -84,7 +84,8 @@ jobs:
sudo systemctl start php8.3-fpm
# BunkerWeb
sudo mkdir -p /etc/bunkerweb
echo "SERVER_NAME=www.example.com" | sudo tee /etc/bunkerweb/variables.env
echo "BUNKERWEB_INSTANCES=127.0.0.1" | sudo tee /etc/bunkerweb/variables.env
echo "SERVER_NAME=www.example.com" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
echo 'DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4' | sudo tee -a /etc/bunkerweb/variables.env


@ -71,7 +71,7 @@ jobs:
sudo apt update
sudo -E apt install -y nginx=1.26.1-2~noble
- name: Fix version without a starting number
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui'
if: inputs.RELEASE == 'testing' || inputs.RELEASE == 'dev' || inputs.RELEASE == 'ui' || inputs.RELEASE == '1.6'
run: echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg
- name: Edit configuration files
run: |
@ -82,7 +82,8 @@ jobs:
echo "127.0.0.1 app3.example.com" | sudo tee -a /etc/hosts
# BunkerWeb
sudo mkdir -p /etc/bunkerweb
echo "SERVER_NAME=" | sudo tee /etc/bunkerweb/variables.env
echo "BUNKERWEB_INSTANCES=127.0.0.1" | sudo tee /etc/bunkerweb/variables.env
echo "SERVER_NAME=" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
echo "BAD_BEHAVIOR_THRESHOLD=20" | sudo tee -a /etc/bunkerweb/variables.env


@ -1 +1 @@
1.5.8
dev


@ -8,14 +8,27 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? ANTIBOT settings
USE_ANTIBOT: "no"
@ -29,32 +42,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
@ -75,4 +64,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,7 +14,7 @@ echo "🤖 Building antibot stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🤖 Pull failed ❌"
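Review bot: The pull result is still checked through `$?` on a separate line, which is the only reason the `# shellcheck disable=SC2181` has to stay. Testing the command directly is shorter and cannot be broken by a statement inserted between the two lines: `if ! docker compose pull app1 ; then`. The same pattern is kept in the authbasic, brotli, cors and db script hunks of this commit. The `if` block closes outside the hunk.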


@ -8,14 +8,27 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? AUTH_BASIC settings
USE_AUTH_BASIC: "no"
@ -31,32 +44,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
@ -77,4 +66,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,7 +14,7 @@ echo "🔐 Building authbasic stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🔐 Pull failed ❌"


@ -8,20 +8,6 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "no"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
# ? Backup settings
USE_BACKUP: "yes"
BACKUP_DIRECTORY: "/var/lib/bunkerweb/backups"
BACKUP_ROTATION: "7"
networks:
bw-universe:
bw-services:
@ -34,12 +20,25 @@ services:
- "bunkerweb.SCHEDULER=yes"
depends_on:
- bw
- bw-docker
volumes:
- bw-data:/data/lib
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "no"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
CUSTOM_LOG_LEVEL: "debug"
LOG_LEVEL: "info"
# ? Backup settings
USE_BACKUP: "yes"
BACKUP_DIRECTORY: "/var/lib/bunkerweb/backups"
BACKUP_ROTATION: "7"
# ? DATABASE settings
DATABASE_URI: "sqlite:////var/lib/bunkerweb/db.sqlite3"
@ -47,15 +46,6 @@ services:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
volumes:
bw-data:
name: bw-data
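Review bot: `REVERSE_PROXY_URL: "/"` is in the settings taken out of the `bw` service but not among those added to `bw-scheduler`, where `REVERSE_PROXY_HOST` is followed directly by `CUSTOM_LOG_LEVEL`; the antibot, authbasic and brotli compose files in this commit keep the line. If the test relies on the setting's default this is harmless, but as rendered it looks lost in the move: add `REVERSE_PROXY_URL: "/"` after `REVERSE_PROXY_HOST`, or leave a comment that the default is intended. The db compose file's scheduler block drops the same line.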


@ -14,12 +14,6 @@ echo "💾 Building backup stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "💾 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.mariadb.yml pull bw-db
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -3,9 +3,10 @@ version: "3.5"
services:
tests:
build: .
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
PYTHONUNBUFFERED: "1"
DOCKER_HOST: "tcp://bw-docker:2375"
USE_BAD_BEHAVIOR: "yes"
BAD_BEHAVIOR_STATUS_CODES: "400 401 403 404 405 429 444"
BAD_BEHAVIOR_BAN_TIME: "86400"
@ -14,13 +15,9 @@ services:
extra_hosts:
- "www.example.com:192.168.0.2"
networks:
bw-docker:
ipv4_address: 10.10.10.4
bw-services:
ipv4_address: 192.168.0.3
networks:
bw-services:
external: true
bw-docker:
external: true
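Review bot: As rendered, the `tests` container now mounts `/var/run/docker.sock` itself, where it used to reach Docker through `DOCKER_HOST: "tcp://bw-docker:2375"`, the socket proxy that the stack file configured with only `CONTAINERS: "1"`. The `:ro` flag protects the socket file, not the API behind it: any process that can connect gets the full Docker API, which amounts to root on the runner. If the test only needs to inspect or restart the BunkerWeb container, keep a restricted proxy in front of the socket; otherwise state the need next to the mount, e.g. `# tests need full Docker API access: <reason>`.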


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? BAD_BEHAVIOR settings
USE_BAD_BEHAVIOR: "yes"
@ -32,33 +46,7 @@ services:
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
bw-universe:
bw-docker:
ipv4_address: 10.10.10.3
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
bw-docker:
ipv4_address: 10.10.10.2
- bw-universe
networks:
bw-universe:
@ -73,9 +61,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker
ipam:
driver: default
config:
- subnet: 10.10.10.0/24


@ -14,12 +14,6 @@ echo "📟 Building badbehavior stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "📟 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,10 +10,28 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
volumes:
- bw-data:/data
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? BLACKLIST settings
USE_BLACKLIST: "yes"
@ -47,36 +65,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
volumes:
- bw-data:/data
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
blacklist-api:
build: api
@ -109,5 +99,3 @@ networks:
driver: default
config:
- subnet: 1.0.0.0/8
bw-docker:
name: bw-docker


@ -14,13 +14,6 @@ echo "🏴 Building blacklist stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🏴 Pull failed ❌"
exit 1
fi
echo "🏴 Building custom api image ..."
docker compose build blacklist-api
# shellcheck disable=SC2181


@ -8,6 +8,19 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
@ -16,6 +29,7 @@ services:
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? BROTLI settings
USE_BROTLI: "no"
@ -28,32 +42,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
@ -74,4 +64,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,7 +14,7 @@ echo "📦 Building brotli stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "📦 Pull failed ❌"


@ -10,10 +10,24 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? BUNKERNET settings
USE_BUNKERNET: "yes"
@ -27,32 +41,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
bunkernet-api:
build: api
@ -74,5 +64,3 @@ networks:
driver: default
config:
- subnet: 1.0.0.0/24
bw-docker:
name: bw-docker


@ -14,13 +14,6 @@ echo "🕸️ Building bunkernet stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🕸️ Pull failed ❌"
exit 1
fi
echo "🕸️ Building custom api image ..."
docker compose build bunkernet-api
# shellcheck disable=SC2181


@ -10,21 +10,6 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
- bw-universe
@ -37,20 +22,27 @@ services:
labels:
- "bunkerweb.SCHEDULER=yes"
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
CUSTOM_LOG_LEVEL: "debug"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
bw-redis:
image: redis:7-alpine
@ -64,4 +56,3 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "⌨️ Building bwcli stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "⌨️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,11 +10,25 @@ services:
- ./image.png:/var/www/html/image.png
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? CLIENT_CACHE settings
USE_CLIENT_CACHE: "no"
@ -30,32 +44,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -70,4 +60,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "📝 Building clientcache stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "📝 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -9,6 +9,19 @@ services:
volumes:
- ./www:/var/www/html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
SERVER_NAME: "www.example.com app1.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "yes"
@ -22,6 +35,7 @@ services:
LOG_LEVEL: "info"
GENERATE_SELF_SIGNED_SSL: "no"
ALLOWED_METHODS: "GET|POST|HEAD|OPTIONS"
CUSTOm_LOG_LEVEL: "debug"
# ? CORS settings
USE_CORS: "no"
@ -40,32 +54,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: php:fpm
@ -88,4 +78,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
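Review bot: The key added in the `@ -22,6 +35,7 @` hunk is spelled `CUSTOm_LOG_LEVEL`, with a lower-case `m`, so the scheduler receives a variable that no other compose file in this commit uses and the intended `CUSTOM_LOG_LEVEL` is never set. Environment variable names are case-sensitive; change the line to `CUSTOM_LOG_LEVEL: "debug"`. The environment block continues outside the hunk.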


@ -14,7 +14,7 @@ echo "🛰️ Building cors stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🛰️ Pull failed ❌"


@ -10,11 +10,27 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-us-network:
ipv4_address: 8.0.0.2
bw-gb-network:
ipv4_address: 2.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? COUNTRY settings
BLACKLIST_COUNTRY: ""
@ -28,34 +44,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-us-network:
ipv4_address: 8.0.0.2
bw-gb-network:
ipv4_address: 2.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -76,5 +66,3 @@ networks:
driver: default
config:
- subnet: 2.0.0.0/8
bw-docker:
name: bw-docker


@ -14,12 +14,6 @@ echo "🌍 Building country stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🌍 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -9,6 +9,21 @@ services:
volumes:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
volumes:
- ./init/certs:/certs
environment:
BUNKERWEB_INSTANCES: "bw"
SERVER_NAME: "app1.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
@ -17,6 +32,7 @@ services:
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? CUSTOM_CERT settings
USE_CUSTOM_SSL: "no"
@ -31,34 +47,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
volumes:
- ./init/certs:/certs
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -73,5 +63,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker


@ -14,12 +14,6 @@ echo "🔏 Building customcert stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🔏 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -19,6 +19,7 @@ services:
GLOBAL_LOG_LEVEL: "info"
CUSTOM_CONF_MODSEC_test_custom_conf: 'SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
GLOBAL_SERVER_NAME: "bwadm.example.com"
GLOBAL_BUNKERWEB_INSTANCES: "bw"
extra_hosts:
- "bwadm.example.com:192.168.0.2"
networks:


@ -7,27 +7,7 @@ services:
labels:
- "bunkerweb.INSTANCE=yes"
environment:
SERVER_NAME: "bwadm.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "no"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_CONF_MODSEC_test_custom_conf: 'SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
@ -38,29 +18,39 @@ services:
pull_policy: never
depends_on:
- bw
- bw-docker
volumes:
- bw-data:/data/lib
- bw-volume:/usr/share/bunkerweb
- ./init/plugins:/data/plugins
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
BUNKERWEB_INSTANCES: "bw"
SERVER_NAME: "bwadm.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
MULTISITE: "no"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
USE_REVERSE_PROXY: "yes"
REVERSE_PROXY_HOST: "http://app1:8080"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
CUSTOM_CONF_MODSEC_test_custom_conf: 'SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
# ? DATABASE settings
DATABASE_URI: "sqlite:////var/lib/bunkerweb/db.sqlite3"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
networks:


@ -18,7 +18,7 @@ echo "💾 Building db stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "💾 Pull failed ❌"
@ -57,6 +57,7 @@ else
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
export GLOBAL_BUNKERWEB_INSTANCES="127.0.0.1"
export GLOBAL_SERVER_NAME="bwadm.example.com"
export GLOBAL_HTTP_PORT="80"
export GLOBAL_HTTPS_PORT="443"
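Review bot: In the first hunk the new `docker compose pull app1` line is still checked through a separate `if [ $? -ne 0 ]` with SC2181 silenced. Testing the command directly, `if ! docker compose pull app1 ; then`, removes the need for the `# shellcheck disable=SC2181` line and cannot be broken by a statement later inserted between the command and the check. The same pattern follows the changed pull lines in the gzip and headers test scripts. The `if` body continues outside the hunk.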


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? DNSBL settings
USE_DNSBL: "yes"
@ -28,32 +42,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -68,5 +58,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker


@ -14,12 +14,6 @@ echo "🚫 Building dnsbl stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🚫 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -11,11 +11,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? ERRORS settings
ERRORS: ""
@ -29,32 +43,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -69,4 +59,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "⭕ Building errors stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "⭕ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,10 +10,28 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
volumes:
- bw-data:/data
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? GREYLIST settings
USE_GREYLIST: "no"
@ -37,36 +55,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
volumes:
- bw-data:/data
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
greylist-api:
build: api
@ -99,5 +89,3 @@ networks:
driver: default
config:
- subnet: 1.0.0.0/8
bw-docker:
name: bw-docker


@ -14,13 +14,6 @@ echo "🏁 Building greylist stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🏁 Pull failed ❌"
exit 1
fi
echo "🏁 Building custom api image ..."
docker compose build greylist-api
# shellcheck disable=SC2181


@ -10,6 +10,19 @@ services:
- "bunkerweb.INSTANCE=yes"
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
@ -18,6 +31,7 @@ services:
REVERSE_PROXY_HOST: "http://app1:8080"
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? GZIP settings
USE_GZIP: "no"
@ -30,32 +44,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
@ -76,4 +66,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,7 +14,7 @@ echo "🗜️ Building gzip stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker app1
docker compose pull app1
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗜️ Pull failed ❌"


@ -10,6 +10,19 @@ services:
- ./www:/var/www/html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
HTTPS_PORT: "443"
USE_BUNKERNET: "no"
@ -19,6 +32,7 @@ services:
GENERATE_SELF_SIGNED_SSL: "no"
REMOTE_PHP: "bw-php"
REMOTE_PHP_PATH: "/app"
CUSTOM_LOG_LEVEL: "debug"
# ? HEADERS settings
CUSTOM_HEADER: ""
@ -29,7 +43,6 @@ services:
CONTENT_SECURITY_POLICY: "object-src 'none'; form-action 'self'; frame-ancestors 'self';"
REFERRER_POLICY: "strict-origin-when-cross-origin"
PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"
FEATURE_POLICY: "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';"
X_FRAME_OPTIONS: "SAMEORIGIN"
X_CONTENT_TYPE_OPTIONS: "nosniff"
X_XSS_PROTECTION: "1; mode=block"
@ -42,32 +55,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
bw-php:
image: php:fpm-alpine3.17
@ -90,4 +79,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -51,14 +51,6 @@ try:
+ " execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(),"
+ " navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()",
)
feature_policy = getenv(
"FEATURE_POLICY",
"accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none';"
+ " execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none';"
+ " legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none';"
+ " publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none';"
+ " xr-spatial-tracking 'none';",
)
x_frame_options = getenv("X_FRAME_OPTIONS", "SAMEORIGIN")
x_content_type_options = getenv("X_CONTENT_TYPE_OPTIONS", "nosniff")
x_xss_protection = getenv("X_XSS_PROTECTION", "1; mode=block")
@ -120,12 +112,6 @@ try:
flush=True,
)
exit(1)
elif response.headers.get("Feature-Policy") != feature_policy:
print(
f'❌ Header "Feature-Policy" doesn\'t have the right value. {response.headers.get("Feature-Policy", "missing header")} (header) != {feature_policy} (env), exiting ...\nheaders: {response.headers}',
flush=True,
)
exit(1)
elif response.headers.get("X-Frame-Options") != x_frame_options:
print(
f'❌ Header "X-Frame-Options" doesn\'t have the right value. {response.headers.get("X-Frame-Options", "missing header")} (header) != {x_frame_options} (env), exiting ...\nheaders: {response.headers}',


@ -14,7 +14,7 @@ echo "🎛️ Building headers stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker bw-php
docker compose pull bw-php
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🎛️ Pull failed ❌"
@ -44,7 +44,6 @@ else
echo "CONTENT_SECURITY_POLICY=object-src 'none'; form-action 'self'; frame-ancestors 'self';" | sudo tee -a /etc/bunkerweb/variables.env
echo "REFERRER_POLICY=strict-origin-when-cross-origin" | sudo tee -a /etc/bunkerweb/variables.env
echo "PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()" | sudo tee -a /etc/bunkerweb/variables.env
echo "FEATURE_POLICY=accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; layout-animation 'none'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; payment 'none'; picture-in-picture 'none'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'none'; unoptimized-images 'none'; unsized-media 'none'; usb 'none'; screen-wake-lock 'none'; web-share 'none'; xr-spatial-tracking 'none';" | sudo tee -a /etc/bunkerweb/variables.env
echo "X_FRAME_OPTIONS=SAMEORIGIN" | sudo tee -a /etc/bunkerweb/variables.env
echo "X_CONTENT_TYPE_OPTIONS=nosniff" | sudo tee -a /etc/bunkerweb/variables.env
echo "X_XSS_PROTECTION=1; mode=block" | sudo tee -a /etc/bunkerweb/variables.env
@ -66,7 +65,6 @@ cleanup_stack () {
find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \;
@ -88,7 +86,6 @@ cleanup_stack () {
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env
@ -101,7 +98,6 @@ cleanup_stack () {
unset CONTENT_SECURITY_POLICY
unset REFERRER_POLICY
unset PERMISSIONS_POLICY
unset FEATURE_POLICY
unset X_FRAME_OPTIONS
unset X_CONTENT_TYPE_OPTIONS
unset X_XSS_PROTECTION
@ -148,7 +144,6 @@ do
find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "strict-origin-when-cross-origin"@REFERRER_POLICY: "no-referrer"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "geolocation=(self), microphone=()"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "geolocation '"'"'self'"'"'; microphone '"'"'none'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "SAMEORIGIN"@X_FRAME_OPTIONS: "DENY"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: "nosniff"@X_CONTENT_TYPE_OPTIONS: ""@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "1; mode=block"@X_XSS_PROTECTION: "0"@' {} \;
@ -159,7 +154,6 @@ do
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=no-referrer@' /etc/bunkerweb/variables.env
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=geolocation=(self), microphone=()@' /etc/bunkerweb/variables.env
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=geolocation '"'"'self'"'"'; microphone '"'"'none'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=DENY@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=0@' /etc/bunkerweb/variables.env
@ -169,7 +163,6 @@ do
export CONTENT_SECURITY_POLICY="object-src 'none'; frame-ancestors 'self';"
export REFERRER_POLICY="no-referrer"
export PERMISSIONS_POLICY="geolocation=(self), microphone=()"
export FEATURE_POLICY="geolocation 'self'; microphone 'none';"
export X_FRAME_OPTIONS="DENY"
export X_CONTENT_TYPE_OPTIONS=""
export X_XSS_PROTECTION="0"
@ -185,7 +178,6 @@ do
find . -type f -name 'docker-compose.*' -exec sed -i 's@CONTENT_SECURITY_POLICY: ".*"$@CONTENT_SECURITY_POLICY: "object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@REFERRER_POLICY: "no-referrer"@REFERRER_POLICY: "strict-origin-when-cross-origin"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@PERMISSIONS_POLICY: ".*"$@PERMISSIONS_POLICY: "accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@FEATURE_POLICY: ".*"$@FEATURE_POLICY: "accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_FRAME_OPTIONS: "DENY"@X_FRAME_OPTIONS: "SAMEORIGIN"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_CONTENT_TYPE_OPTIONS: ""@X_CONTENT_TYPE_OPTIONS: "nosniff"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@X_XSS_PROTECTION: "0"@X_XSS_PROTECTION: "1; mode=block"@' {} \;
@ -198,7 +190,6 @@ do
sudo sed -i 's@CONTENT_SECURITY_POLICY=.*$@CONTENT_SECURITY_POLICY=object-src '"'"'none'"'"'; form-action '"'"'self'"'"'; frame-ancestors '"'"'self'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@REFERRER_POLICY=.*$@REFERRER_POLICY=strict-origin-when-cross-origin@' /etc/bunkerweb/variables.env
sudo sed -i 's@PERMISSIONS_POLICY=.*$@PERMISSIONS_POLICY=accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), web-share=(), xr-spatial-tracking=()@' /etc/bunkerweb/variables.env
sudo sed -i 's@FEATURE_POLICY=.*$@FEATURE_POLICY=accelerometer '"'"'none'"'"'; ambient-light-sensor '"'"'none'"'"'; autoplay '"'"'none'"'"'; battery '"'"'none'"'"'; camera '"'"'none'"'"'; display-capture '"'"'none'"'"'; document-domain '"'"'none'"'"'; encrypted-media '"'"'none'"'"'; execution-while-not-rendered '"'"'none'"'"'; execution-while-out-of-viewport '"'"'none'"'"'; fullscreen '"'"'none'"'"'; geolocation '"'"'none'"'"'; gyroscope '"'"'none'"'"'; layout-animation '"'"'none'"'"'; legacy-image-formats '"'"'none'"'"'; magnetometer '"'"'none'"'"'; microphone '"'"'none'"'"'; midi '"'"'none'"'"'; navigation-override '"'"'none'"'"'; payment '"'"'none'"'"'; picture-in-picture '"'"'none'"'"'; publickey-credentials-get '"'"'none'"'"'; speaker-selection '"'"'none'"'"'; sync-xhr '"'"'none'"'"'; unoptimized-images '"'"'none'"'"'; unsized-media '"'"'none'"'"'; usb '"'"'none'"'"'; screen-wake-lock '"'"'none'"'"'; web-share '"'"'none'"'"'; xr-spatial-tracking '"'"'none'"'"';@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_FRAME_OPTIONS=.*$@X_FRAME_OPTIONS=SAMEORIGIN@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_CONTENT_TYPE_OPTIONS=.*$@X_CONTENT_TYPE_OPTIONS=nosniff@' /etc/bunkerweb/variables.env
sudo sed -i 's@X_XSS_PROTECTION=.*$@X_XSS_PROTECTION=1; mode=block@' /etc/bunkerweb/variables.env
@ -209,7 +200,6 @@ do
unset CONTENT_SECURITY_POLICY
unset REFERRER_POLICY
unset PERMISSIONS_POLICY
unset FEATURE_POLICY
unset X_FRAME_OPTIONS
unset X_CONTENT_TYPE_OPTIONS
unset X_XSS_PROTECTION


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? INJECT settings
INJECT_BODY: "TEST"
@ -27,32 +41,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -67,4 +57,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "💉 Building inject stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "💉 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -9,7 +9,19 @@ services:
volumes:
- ./index.html:/var/www/html/index.html
environment:
SERVER_NAME: "www.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
HTTPS_PORT: "443"
@ -17,6 +29,7 @@ services:
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? LETS_ENCRYPT settings
AUTO_LETS_ENCRYPT: "no"
@ -30,32 +43,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -70,5 +59,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker


@ -14,12 +14,6 @@ echo "🔒 Building letsencrypt stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🔒 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,12 +10,26 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
BAD_BEHAVIOR_STATUS_CODES: "400 401 403 405 429 444"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? LIMIT settings
USE_LIMIT_REQ: "no"
@ -32,32 +46,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -72,4 +62,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "🎚️ Building limit stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🎚️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,6 +10,19 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
HTTPS_PORT: "443"
USE_BUNKERNET: "no"
@ -18,6 +31,7 @@ services:
LOG_LEVEL: "info"
GENERATE_SELF_SIGNED_SSL: "no"
USE_MODSECURITY: "no"
CUSTOM_LOG_LEVEL: "debug"
# ? MISC settings
DISABLE_DEFAULT_SERVER: "no"
@ -39,32 +53,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -79,4 +69,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "🗃️ Building misc stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -3,9 +3,10 @@ version: "3.5"
services:
tests:
build: .
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
PYTHONUNBUFFERED: "1"
DOCKER_HOST: "tcp://bw-docker:2375"
USE_MODSECURITY: "yes"
USE_MODSECURITY_CRS: "yes"
MODSECURITY_CRS_VERSION: "3"
@ -17,10 +18,7 @@ services:
networks:
bw-services:
ipv4_address: 192.168.0.3
bw-docker:
networks:
bw-services:
external: true
bw-docker:
external: true
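Review bot: The `tests` service appears to gain a direct bind mount of `/var/run/docker.sock` in place of `DOCKER_HOST: "tcp://bw-docker:2375"`, and the `:ro` suffix does not limit what can be done through that socket. A read-only bind mount only protects the socket file itself; a process that can connect to it can still call the whole Docker API, which is equivalent to root on the host running the tests, whereas the `bw-docker` socket proxy removed elsewhere in this commit was configured with `CONTAINERS: "1"`. If the tests only need to inspect containers, keeping a filtering proxy in front of the socket, or dropping the mount where the tests no longer talk to Docker, would preserve the earlier restriction; at minimum a comment such as `# grants full Docker API access; test runner only` belongs above the volume entry. Which lines are added and which removed is inferred from the hunk header counts (9 old lines, 10 new), because the page has lost its `+`/`-` column.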


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? MODECURITY settings
USE_MODSECURITY: "yes"
@ -32,32 +46,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -72,5 +62,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker


@ -14,12 +14,6 @@ echo "👮 Building modsecurity stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "👮 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? REDIRECT settings
REDIRECT_TO: ""
@ -28,32 +42,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
app1:
image: nginxdemos/nginx-hello
@ -74,4 +64,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "↩️ Building redirect stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "↩️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -12,6 +12,19 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 1.0.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 1.0.0.254
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 1.0.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
SEND_ANONYMOUS_REPORT: "no"
@ -23,6 +36,7 @@ services:
USE_GREYLIST: "yes"
GREYLIST_IP: "0.0.0.0/0"
WHITELIST_COUNTRY: "AU"
CUSTOM_LOG_LEVEL: "debug"
# ? REDIS settings
USE_REDIS: "yes"
@ -45,32 +59,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 1.0.0.254
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
bw-redis:
image: bitnami/redis:7.2
@ -159,5 +149,3 @@ networks:
driver: default
config:
- subnet: 1.0.0.0/24
bw-docker:
name: bw-docker


@ -61,13 +61,6 @@ if [ "$integration" == "docker" ] ; then
sudo chmod -R 777 acl
echo "🧰 Redis acl files generated ✅"
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🧰 Pull failed ❌"
exit 1
fi
echo "🧰 Building custom redis image ..."
docker compose build bw-redis
# shellcheck disable=SC2181


@ -9,7 +9,19 @@ services:
volumes:
- ./index.html:/var/www/html/index.html
environment:
SERVER_NAME: "www.example.com"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
HTTPS_PORT: "443"
@ -18,6 +30,7 @@ services:
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
LIMIT_REQ_RATE: "20r/s"
CUSTOM_LOG_LEVEL: "debug"
# ? REVERSE_PROXY settings
USE_REVERSE_PROXY: "no"
@ -41,32 +54,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
reverseproxy-api:
build: api
@ -93,5 +82,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:
name: bw-docker


@ -14,13 +14,6 @@ echo "↪️ Building reverseproxy stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "↪️ Pull failed ❌"
exit 1
fi
echo "↪️ Building custom api image ..."
docker compose build reverseproxy-api
# shellcheck disable=SC2181


@ -10,11 +10,25 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? REVERSE_SCAN settings
USE_REVERSE_SCAN: "yes"
@ -29,32 +43,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -69,4 +59,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "🕵️ Building reversescan stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🕵️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,12 +10,26 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
HTTPS_PORT: "443"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
CUSTOM_LOG_LEVEL: "debug"
# ? SELF_SIGNED settings
GENERATE_SELF_SIGNED_SSL: "no"
@ -30,32 +44,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -70,4 +60,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "🔑 Building selfsigned stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🔑 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,12 +10,26 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24 192.168.0.3"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
USE_BLACKLIST: "no"
SEND_ANONYMOUS_REPORT: "no"
LOG_LEVEL: "info"
USE_ANTIBOT: "cookie"
CUSTOM_LOG_LEVEL: "debug"
# ? SESSIONS settings
SESSIONS_SECRET: "random"
@ -29,32 +43,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
networks:
bw-universe:
@ -69,4 +59,3 @@ networks:
driver: default
config:
- subnet: 192.168.0.0/24
bw-docker:


@ -14,12 +14,6 @@ echo "🧳 Building sessions stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🧳 Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then


@ -10,6 +10,23 @@ services:
- ./index.html:/var/www/html/index.html
environment:
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
volumes:
- bw-data:/data
environment:
BUNKERWEB_INSTANCES: "bw"
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
HTTP_PORT: "80"
USE_BUNKERNET: "no"
SEND_ANONYMOUS_REPORT: "no"
@ -17,6 +34,7 @@ services:
USE_BLACKLIST: "yes"
BLACKLIST_IP: "0.0.0.0/0"
BLACKLIST_IP_URLS: ""
CUSTOM_LOG_LEVEL: "debug"
# ? WHITELIST settings
USE_WHITELIST: "no"
@ -40,36 +58,8 @@ services:
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:
ipv4_address: 192.168.0.2
bw-global-network:
ipv4_address: 1.0.0.2
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.8
pull_policy: never
depends_on:
- bw
- bw-docker
volumes:
- bw-data:/data
environment:
DOCKER_HOST: "tcp://bw-docker:2375"
LOG_LEVEL: "debug"
networks:
- bw-universe
- bw-docker
bw-docker:
image: tecnativa/docker-socket-proxy:nightly
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
CONTAINERS: "1"
networks:
- bw-docker
whitelist-api:
build: api
@ -100,5 +90,3 @@ networks:
driver: default
config:
- subnet: 1.0.0.0/8
bw-docker:
name: bw-docker


@ -14,13 +14,6 @@ echo "🏳️ Building whitelist stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🏳️ Pull failed ❌"
exit 1
fi
echo "🏳️ Building custom api image ..."
docker compose build whitelist-api
# shellcheck disable=SC2181