v1.5.4 release

2026-05-24 09:28:37 +00:00 · 2023-12-05 11:50:32 +01:00 · 2023-12-05 11:50:32 +01:00 · b9ff3911f3
commit b9ff3911f3
parent 82fcff2935 588d04c7de
22 changed files with 67 additions and 54 deletions
--- a/.github/workflows/push-doc.yml
+++ b/.github/workflows/push-doc.yml
@ -35,7 +35,7 @@ jobs:
      - name: Install doc requirements
        run: pip install --no-cache-dir --require-hashes -r docs/requirements.txt
      - name: Push doc
-        run: mike deploy --update-aliases --push ${{ inputs.VERSION }} ${{ inputs.ALIAS }}
+        run: mike deploy --update-aliases --push --alias-type=copy ${{ inputs.VERSION }} ${{ inputs.ALIAS }}
      - name: Set default doc
        if: inputs.ALIAS == 'latest'
        run: mike set-default --push latest
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,12 +1,13 @@
 # Changelog

-## v1.5.4 -
+## v1.5.4 - 2023/12/04

+- [UI] Add an optional setup wizard for the web UI
 - [BUGFIX] Fix issues with the Linux integration and external databases
- [DOCUMENTATION] Add documentation about the new setup wizard
- [MISC] Add a setup wizard 🧙‍♂️ for the web UI
+- [BUGFIX] Fix scheduler trying to connect to Docker socket in k8s and swarm
+- [LINUX] Support Debian 12, Fedora 39 and RHEL 8.9
+- [DOCKER] Handle start and stop event of BunkerWeb with the scheduler
 - [MISC] Refactor database session handling to make it more stable with SQLite
- [MISC] Handle start and stop event of BunkerWeb with the scheduler in Docker
 - [MISC] Add conditional block for open file cache in nginx config
 - [MISC] Updated core dependencies
 - [MISC] Updated python dependencies
--- a/README.md
+++ b/README.md
@ -222,10 +222,10 @@ You will find more information in the [Kubernetes section](https://docs.bunkerwe

 List of supported Linux distros :

- Debian 11 "Bullseye"
+- Debian 12 "Bookworm"
 - Ubuntu 22.04 "Jammy"
- Fedora 38
- RHEL 8.7
+- Fedora 39
+- RHEL 8.9

 Repositories of Linux packages for BunkerWeb are available on [PackageCloud](https://packagecloud.io/bunkerity/bunkerweb), they provide a bash script to automatically add and trust the repository (but you can also follow the [manual installation](https://packagecloud.io/bunkerity/bunkerweb/install) instructions if you prefer).

@ -239,10 +239,10 @@ You will find more information in the [Linux section](https://docs.bunkerweb.io/

 List of supported Linux distros :

- Debian 11 "Bullseye"
+- Debian 12 "Bookworm"
 - Ubuntu 22.04 "Jammy"
- Fedora 38
- RHEL 8.7
+- Fedora 39
+- RHEL 8.9

 [Ansible](https://www.ansible.com/) is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.

--- a/docs/integrations.md
+++ b/docs/integrations.md
@ -946,10 +946,10 @@ spec:

 Supported Linux distributions for BunkerWeb (amd64/x86_64 and arm64/aarch64 architectures) include:

- Debian 11 "Bullseye"
+- Debian 12 "Bookworm"
 - Ubuntu 22.04 "Jammy"
- Fedora 38
- Red Hat Enterprise Linux (RHEL) 8.7
+- Fedora 39
+- Red Hat Enterprise Linux (RHEL) 8.9

 Please ensure that you have **NGINX 1.24.0 installed before installing BunkerWeb**. For all distributions, except Fedora, it is mandatory to use prebuilt packages from the [official NGINX repository](https://nginx.org/en/linux_packages.html). Compiling NGINX from source or using packages from different repositories will not work with the official prebuilt packages of BunkerWeb. However, you have the option to build BunkerWeb from source.

@ -1121,10 +1121,10 @@ BunkerWeb is managed using systemctl :

 Supported Linux distributions for BunkerWeb (amd64/x86_64 and arm64/aarch64 architectures) include:

- Debian 11 "Bullseye"
+- Debian 12 "Bookworm"
 - Ubuntu 22.04 "Jammy"
- Fedora 38
- Red Hat Enterprise Linux (RHEL) 8.7
+- Fedora 39
+- Red Hat Enterprise Linux (RHEL) 8.9

 To simplify the deployment and configuration process, [Ansible](https://docs.ansible.com/ansible/latest/index.html) can be used as an IT automation tool. Ansible enables you to configure systems, deploy software, and perform advanced IT tasks such as continuous deployments or zero downtime rolling updates.

--- a/docs/web-ui.md
+++ b/docs/web-ui.md
@ -40,14 +40,14 @@ Because the web UI is a web application, the recommended installation procedure
 The setup wizard is a feature that helps you to **configure** and **install the web UI** using a **user-friendly interface**. You will need to set the `UI_HOST` setting (`http://hostname-of-web-ui:7000`) and browse the `/setup` URI of your server to access the setup wizard.

 <figure markdown>
-  ![Overview](assets/img/ui-wizard-account.png){ align=center, width="600" }
+  ![Overview](assets/img/ui-wizard-account.png){ align=center, width="350" }
  <figcaption>Account section of the setup wizard</figcaption>
 </figure>

 Choose your administator username and password. Please note that password must have at least 8 chars with 1 lower case letter, 1 upper case letter, 1 digit and 1 special char.

 <figure markdown>
-  ![Overview](assets/img/ui-wizard-settings.png){ align=center, width="600" }
+  ![Overview](assets/img/ui-wizard-settings.png){ align=center, width="350" }
  <figcaption>Settings section of the setup wizard</figcaption>
 </figure>

--- a/examples/behind-reverse-proxy/setup-linux.sh
+++ b/examples/behind-reverse-proxy/setup-linux.sh
@ -19,6 +19,14 @@ sed -i "s/*:8080/*:80/" /etc/haproxy/haproxy.cfg
 sed -i "s/mybunker/127.0.0.1/" /etc/haproxy/haproxy.cfg
 systemctl stop bunkerweb
 systemctl stop haproxy
+if [ -f /lib/systemd/system/haproxy.service ] ; then
+	sed -i 's/^BindReadOnlyPaths/#BindReadOnlyPaths/' /lib/systemd/system/haproxy.service
+	systemctl daemon-reload
+fi
 systemctl start haproxy
+if [ $? -ne 0 ] ; then
+	systemctl status haproxy
+	journalctl -u haproxy.service
+fi

 echo "hello" > /var/www/html/index.html
--- a/examples/kubernetes-configs/kubernetes.yml
+++ b/examples/kubernetes-configs/kubernetes.yml
@ -78,7 +78,7 @@ metadata:
  name: cfg-bunkerweb-app2-server-http
  annotations:
    bunkerweb.io/CONFIG_TYPE: "server-http"
-    bunkerweb.io/SERVER_NAME: "app2.example.com"
+    bunkerweb.io/CONFIG_SITE: "app2.example.com"
 data:
  myconf: |
    location /app2 {
@ -94,7 +94,7 @@ metadata:
  name: cfg-bunkerweb-app3-server-http
  annotations:
    bunkerweb.io/CONFIG_TYPE: "server-http"
-    bunkerweb.io/SERVER_NAME: "app3.example.com"
+    bunkerweb.io/CONFIG_SITE: "app3.example.com"
 data:
  myconf: |
    location /app3 {
--- a/examples/proxy-protocol/setup-linux.sh
+++ b/examples/proxy-protocol/setup-linux.sh
@ -20,6 +20,10 @@ sed -i "s/*:8443/*:443/g" /etc/haproxy/haproxy.cfg
 sed -i "s/mybunker/127.0.0.1/g" /etc/haproxy/haproxy.cfg
 systemctl stop bunkerweb
 systemctl stop haproxy
+if [ -f /lib/systemd/system/haproxy.service ] ; then
+	sed -i 's/^BindReadOnlyPaths/#BindReadOnlyPaths/' /lib/systemd/system/haproxy.service
+	systemctl daemon-reload
+fi
 systemctl start haproxy

 echo "hello" > /var/www/html/index.html
--- a/src/linux/Dockerfile-debian
+++ b/src/linux/Dockerfile-debian
@ -1,4 +1,4 @@
-FROM debian:bullseye-slim@sha256:c618be84fc82aa8ba203abbb07218410b0f5b3c7cb6b4e7248fda7785d4f9946
+FROM debian:bookworm-slim@sha256:2bc5c236e9b262645a323e9088dfa3bb1ecb16cc75811daf40a23a824d665be9

 ENV OS=debian
 ENV NGINX_VERSION 1.24.0
@ -7,13 +7,13 @@ ENV NGINX_VERSION 1.24.0
 RUN apt update && \
    apt install -y --no-install-recommends gnupg2 ca-certificates wget \
    ruby ruby-dev \
-    bash curl libssl-dev git libpcre++-dev zlib1g-dev libyajl2 libyajl-dev yajl-tools pkgconf libcurl4-openssl-dev libgeoip-dev liblmdb-dev apt-utils build-essential autoconf libtool automake g++ gcc libxml2-dev make musl-dev gnupg patch libreadline-dev libpcre3-dev libgd-dev python3 python3-dev python3-pip python3-distutils -y && \
+    bash curl libssl-dev git libpcre2-dev zlib1g-dev libyajl2 libyajl-dev yajl-tools pkgconf libcurl4-openssl-dev libgeoip-dev liblmdb-dev apt-utils build-essential autoconf libtool automake g++ gcc libxml2-dev make musl-dev gnupg patch libreadline-dev libpcre3-dev libgd-dev python3 python3-dev python3-pip python3-distutils -y && \
    gem install fpm && \
-    echo "deb https://nginx.org/packages/debian/ bullseye nginx" > /etc/apt/sources.list.d/nginx.list && \
-    echo "deb-src https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list && \
+    echo "deb https://nginx.org/packages/debian/ bookworm nginx" > /etc/apt/sources.list.d/nginx.list && \
+    echo "deb-src https://nginx.org/packages/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list && \
    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62 && \
    apt-get update && \
-    apt-get install -y --no-install-recommends nginx=${NGINX_VERSION}-1~bullseye
+    apt-get install -y --no-install-recommends nginx=${NGINX_VERSION}-1~bookworm

 WORKDIR /tmp/bunkerweb/deps

@ -43,8 +43,8 @@ RUN mkdir -p deps/python && \

 # Compile and install dependencies
 RUN export MAKEFLAGS="-j$(nproc)" && \
-    pip install --no-cache-dir --ignore-installed --require-hashes -r /tmp/requirements-deps.txt && \
-    pip install --no-cache-dir --require-hashes --target deps/python -r deps/requirements.txt
+    pip install --break-system-packages --no-cache-dir --ignore-installed --require-hashes -r /tmp/requirements-deps.txt && \
+    pip install --break-system-packages --no-cache-dir --require-hashes --target deps/python -r deps/requirements.txt

 # Copy files
 # can't exclude deps from . so we are copying everything by hand
--- a/src/linux/Dockerfile-fedora
+++ b/src/linux/Dockerfile-fedora
@ -1,4 +1,4 @@
-FROM fedora:38@sha256:6fc00f83a1b6526b1c6562e30f552d109ba8e269259c6742a26efab1b7aef59e
+FROM fedora:39@sha256:06df381d697d14940c886fda8e94a4fdc838df74e93f65111ed3ea04f7a7d6e0

 ENV OS=fedora
 ENV NGINX_VERSION 1.24.0
--- a/src/linux/Dockerfile-rhel
+++ b/src/linux/Dockerfile-rhel
@ -1,4 +1,4 @@
-FROM redhat/ubi8:8.8@sha256:a7143118671dfc61aca46e8ab9e488500495a3c4c73a69577ca9386564614c13
+FROM redhat/ubi8:8.9@sha256:449da7f8f2ef6285a8445a1e31af57a97b9dae5dcf009b1629c59742c89c68c3

 ENV OS=rhel
 ENV NGINX_VERSION 1.24.0
--- a/src/linux/Dockerfile-ubuntu
+++ b/src/linux/Dockerfile-ubuntu
@ -1,4 +1,4 @@
-FROM ubuntu:22.04@sha256:aabed3296a3d45cede1dc866a24476c4d7e093aa806263c27ddaadbdce3c1054
+FROM ubuntu:22.04@sha256:8eab65df33a6de2844c9aefd19efe8ddb87b7df5e9185a4ab73af936225685bb

 ENV OS=ubuntu
 ENV NGINX_VERSION 1.24.0
--- a/src/linux/fpm-debian
+++ b/src/linux/fpm-debian
@ -3,8 +3,8 @@
 --license agpl3
 --version %VERSION%
 --architecture %ARCH%
--depends bash --depends python3 --depends procps --depends python3-pip --depends 'nginx = 1.24.0-1~bullseye' --depends libcurl4 --depends libgeoip-dev --depends libxml2 --depends libyajl2 --depends libmagic1 --depends net-tools --depends sudo --depends lsof --depends libpq5
--description "BunkerWeb %VERSION% for Debian 11"
+--depends bash --depends python3 --depends procps --depends python3-pip --depends 'nginx = 1.24.0-1~bookworm' --depends libcurl4 --depends libgeoip-dev --depends libxml2 --depends libyajl2 --depends libmagic1 --depends net-tools --depends sudo --depends lsof --depends libpq5 --depends libpcre3 --depends libcap2-bin
+--description "BunkerWeb %VERSION% for Debian 12"
 --url "https://www.bunkerweb.io"
 --maintainer "Bunkerity <contact at bunkerity dot com>"
 --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh
--- a/src/linux/fpm-fedora
+++ b/src/linux/fpm-fedora
@ -3,8 +3,8 @@
 --license agpl3
 --version %VERSION%
 --architecture %ARCH%
--depends bash --depends python3 --depends 'nginx = 1:1.24.0-1.fc38' --depends libcurl-devel --depends libxml2 --depends yajl --depends lmdb-libs --depends geoip-devel --depends gd --depends sudo --depends procps --depends lsof --depends nginx-mod-stream --depends pcre --depends libpq
--description "BunkerWeb %VERSION% for Fedora 38"
+--depends bash --depends python3 --depends 'nginx >= 1:1.24.0' --depends 'nginx < 1:1.25.0' --depends libcurl-devel --depends libxml2 --depends yajl --depends lmdb-libs --depends geoip-devel --depends gd --depends sudo --depends procps --depends lsof --depends nginx-mod-stream --depends pcre --depends libpq --depends libcap
+--description "BunkerWeb %VERSION% for Fedora 39"
 --url "https://www.bunkerweb.io"
 --maintainer "Bunkerity <contact at bunkerity dot com>"
 --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh
--- a/src/linux/fpm-rhel
+++ b/src/linux/fpm-rhel
@ -3,7 +3,7 @@
 --license agpl3
 --version %VERSION%
 --architecture %ARCH%
--depends bash --depends python39 --depends 'nginx = 1:1.24.0-1.el8.ngx' --depends libcurl-devel --depends libxml2 --depends yajl --depends file-libs --depends net-tools --depends gd --depends sudo --depends procps --depends lsof --depends geoip --depends libpq
+--depends bash --depends python39 --depends 'nginx >= 1:1.24.0' --depends 'nginx < 1:1.25.0' --depends libcurl-devel --depends libxml2 --depends yajl --depends file-libs --depends net-tools --depends gd --depends sudo --depends procps --depends lsof --depends geoip --depends libpq --depends libcap
 --description "BunkerWeb %VERSION% for RHEL 8"
 --url "https://www.bunkerweb.io"
 --maintainer "Bunkerity <contact at bunkerity dot com>"
--- a/src/linux/fpm-ubuntu
+++ b/src/linux/fpm-ubuntu
@ -3,7 +3,7 @@
 --license agpl3
 --version %VERSION%
 --architecture %ARCH%
--depends bash --depends python3 --depends python3-pip --depends 'nginx = 1.24.0-1~jammy' --depends libcurl4 --depends libgeoip-dev --depends libxml2 --depends libyajl2 --depends libmagic1 --depends net-tools --depends sudo --depends procps --depends lsof --depends libpq5
+--depends bash --depends python3 --depends python3-pip --depends 'nginx = 1.24.0-1~jammy' --depends libcurl4 --depends libgeoip-dev --depends libxml2 --depends libyajl2 --depends libmagic1 --depends net-tools --depends sudo --depends procps --depends lsof --depends libpq5 --depends libcap2-bin
 --description "BunkerWeb %VERSION% for Ubuntu 22.04"
 --url "https://www.bunkerweb.io"
 --maintainer "Bunkerity <contact at bunkerity dot com>"
--- a/tests/LinuxTest.py
+++ b/tests/LinuxTest.py
@ -56,9 +56,9 @@ class LinuxTest(Test):
                    LinuxTest.docker_cp(
                        distro,
                        "./tests/www-deb.conf",
-                        "/etc/php/7.4/fpm/pool.d/www.conf",
+                        "/etc/php/8.2/fpm/pool.d/www.conf",
                    )
-                    LinuxTest.docker_exec(distro, "systemctl stop php7.4-fpm ; systemctl start php7.4-fpm")
+                    LinuxTest.docker_exec(distro, "systemctl stop php8.2-fpm ; systemctl start php8.2-fpm")
            elif distro in ("centos", "fedora", "rhel"):
                LinuxTest.docker_exec(distro, "dnf install -y php-fpm unzip")
                LinuxTest.docker_cp(distro, "./tests/www-rpm.conf", "/etc/php-fpm.d/www.conf")
--- a/tests/Upgrade.py
+++ b/tests/Upgrade.py
@ -577,7 +577,7 @@ elif distro == "debian":
            "/sys/fs/cgroup:/sys/fs/cgroup",
            "-v",
            "deb:/data",
-            "jrei/systemd-debian:11",
+            "jrei/systemd-debian:12",
        ]
    )

@ -586,11 +586,11 @@ elif distro == "debian":
    bash_script = """
    apt update && apt install -y sudo && \
    apt-get install gnupg2 ca-certificates lsb-release wget curl -y && \
-    echo "deb https://nginx.org/packages/debian/ bullseye nginx" > /etc/apt/sources.list.d/nginx.list && \
-    echo "deb-src https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list && \
+    echo "deb https://nginx.org/packages/debian/ bookworm nginx" > /etc/apt/sources.list.d/nginx.list && \
+    echo "deb-src https://nginx.org/packages/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list && \
    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62 && \
    apt-get update && \
-    apt-get install -y --no-install-recommends nginx=1.22.1-1~bullseye
+    apt-get install -y --no-install-recommends nginx=1.24.0-1~bookworm
    apt install /data/bunkerweb.deb -y
    """

@ -937,7 +937,7 @@ elif distro == "debian":
    echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
    http://nginx.org/packages/debian `lsb_release -cs` nginx" \
    | sudo tee /etc/apt/sources.list.d/nginx.list
-    sudo apt update && sudo apt install -y nginx=1.20.2-1~bullseye
+    sudo apt update && sudo apt install -y nginx=1.24.0-1~bookworm
    curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \
    sudo apt update && \
    sudo apt install -y bunkerweb=1.4.5
@ -1628,7 +1628,7 @@ elif distro == "rhel":
            "--privileged",
            "-v",
            "/sys/fs/cgroup:/sys/fs/cgroup",
-            "registry.access.redhat.com/ubi8/ubi-init:8.7-10",
+            "registry.access.redhat.com/ubi8/ubi-init:8.9-1",
        ]
    )

@ -1636,8 +1636,8 @@ elif distro == "rhel":
    print("Installing bunkerweb...")
    bash_script = """
    dnf install yum-utils wget sudo -y
-    wget https://nginx.org/packages/rhel/8/x86_64/RPMS/nginx-1.22.1-1.el8.ngx.x86_64.rpm
-    dnf install nginx-1.22.1-1.el8.ngx.x86_64.rpm -y
+    wget https://nginx.org/packages/rhel/8/x86_64/RPMS/nginx-1.24.0-1.el8.ngx.x86_64.rpm
+    dnf install nginx-1.24.0-1.el8.ngx.x86_64.rpm -y
    dnf install /data/bunkerweb.rpm -y
    """

--- a/tests/linux/Dockerfile-debian
+++ b/tests/linux/Dockerfile-debian
@ -1,4 +1,4 @@
-FROM debian:bullseye@sha256:54d33aaad0bc936a9a40d856764c7bc35c0afaa9cab51f88bb95f6cd8004438d
+FROM debian:bookworm@sha256:133a1f2aa9e55d1c93d0ae1aaa7b94fb141265d0ee3ea677175cdb96f5f990e5

 ENV container docker
 ENV LC_ALL C
@ -25,11 +25,11 @@ RUN rm -f /lib/systemd/system/multi-user.target.wants/* \

 RUN apt update && \
    apt-get install php-fpm curl gnupg2 ca-certificates python3-pip -y && \
-    echo "deb https://nginx.org/packages/debian/ bullseye nginx" > /etc/apt/sources.list.d/nginx.list && \
-    echo "deb-src https://nginx.org/packages/debian/ bullseye nginx" >> /etc/apt/sources.list.d/nginx.list && \
+    echo "deb https://nginx.org/packages/debian/ bookworm nginx" > /etc/apt/sources.list.d/nginx.list && \
+    echo "deb-src https://nginx.org/packages/debian/ bookworm nginx" >> /etc/apt/sources.list.d/nginx.list && \
    apt-key adv --keyserver keyserver.ubuntu.com --recv-keys ABF5BD827BD9BF62 && \
    apt-get update && \
-    apt-get install -y --no-install-recommends nginx=${NGINX_VERSION}-1~bullseye
+    apt-get install -y --no-install-recommends nginx=${NGINX_VERSION}-1~bookworm

 COPY ./package-debian/*.deb /opt

--- a/tests/linux/Dockerfile-fedora
+++ b/tests/linux/Dockerfile-fedora
@ -1,4 +1,4 @@
-FROM fedora:38@sha256:6fc00f83a1b6526b1c6562e30f552d109ba8e269259c6742a26efab1b7aef59e
+FROM fedora:39@sha256:06df381d697d14940c886fda8e94a4fdc838df74e93f65111ed3ea04f7a7d6e0

 ENV container docker
 ENV NGINX_VERSION 1.24.0
--- a/tests/linux/Dockerfile-rhel
+++ b/tests/linux/Dockerfile-rhel
@ -1,4 +1,4 @@
-FROM redhat/ubi8-init:8.8@sha256:d28867269ca80401b742954e1bd21a62a8976989c64f5a885a0576ec23c64c43
+FROM redhat/ubi8-init:8.9-1@sha256:d56665582a7430d7417a110c3a5aa5d070934c01030757bcf0c338eab5e651af

 ENV NGINX_VERSION 1.24.0

--- a/tests/linux/Dockerfile-ubuntu
+++ b/tests/linux/Dockerfile-ubuntu
@ -1,4 +1,4 @@
-FROM ubuntu:22.04@sha256:aabed3296a3d45cede1dc866a24476c4d7e093aa806263c27ddaadbdce3c1054
+FROM ubuntu:22.04@sha256:8eab65df33a6de2844c9aefd19efe8ddb87b7df5e9185a4ab73af936225685bb

 ENV container docker
 ENV LC_ALL C