From be459d240eb45de92f37eea39ec6793e5755b56f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9ophile=20Diot?= Date: Wed, 31 May 2023 18:13:08 -0400 Subject: [PATCH] Update pid files paths to /var/run/bunkerweb --- src/bw/Dockerfile | 5 +++-- src/bw/entrypoint.sh | 4 ++-- src/common/confs/nginx.conf | 2 +- src/common/gen/main.py | 2 +- src/common/helpers/healthcheck-scheduler.sh | 2 +- src/common/helpers/healthcheck-ui.sh | 2 +- src/common/helpers/healthcheck.sh | 2 +- src/linux/Dockerfile-centos | 3 ++- src/linux/Dockerfile-debian | 3 ++- src/linux/Dockerfile-fedora | 3 ++- src/linux/Dockerfile-rhel | 3 ++- src/linux/Dockerfile-ubuntu | 3 ++- src/linux/bunkerweb-ui.service | 2 +- src/linux/bunkerweb.service | 2 +- src/linux/fpm-centos | 2 +- src/linux/fpm-debian | 2 +- src/linux/fpm-fedora | 2 +- src/linux/fpm-rhel | 2 +- src/linux/fpm-ubuntu | 2 +- src/linux/scripts/bunkerweb-ui.sh | 6 +++--- src/linux/scripts/postinstall.sh | 2 +- src/linux/scripts/start.sh | 8 ++++---- src/scheduler/Dockerfile | 5 +++-- src/scheduler/entrypoint.sh | 10 +++++----- src/scheduler/main.py | 6 +++--- src/ui/Dockerfile | 5 +++-- src/ui/gunicorn.conf.py | 2 +- src/ui/main.py | 2 +- src/ui/src/Instances.py | 2 +- 29 files changed, 52 insertions(+), 44 deletions(-) diff --git a/src/bw/Dockerfile b/src/bw/Dockerfile index ac0951571..76891a7db 100644 --- a/src/bw/Dockerfile +++ b/src/bw/Dockerfile @@ -54,6 +54,7 @@ COPY --from=builder --chown=0:101 /usr/share/bunkerweb /usr/share/bunkerweb RUN apk add --no-cache pcre bash python3 && \ cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/tmp/bunkerweb && \ + mkdir -p /var/run/bunkerweb && \ mkdir -p /var/www/html && \ mkdir -p /etc/bunkerweb && \ mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \ @@ -61,8 +62,8 @@ RUN apk add --no-cache pcre bash python3 && \ for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \ chown -R root:nginx /data && \ chmod -R 770 /data && \ - chown -R root:nginx /var/cache/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /usr/bin/bwcli && \ - chmod 770 /var/cache/bunkerweb /var/tmp/bunkerweb && \ + chown -R root:nginx /var/cache/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb /usr/bin/bwcli && \ + chmod 770 /var/cache/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb && \ chmod 750 /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/entrypoint.sh /usr/bin/bwcli /usr/share/bunkerweb/deps/python/bin/* && \ chown -R root:nginx /etc/nginx && \ chmod -R 770 /etc/nginx && \ diff --git a/src/bw/entrypoint.sh b/src/bw/entrypoint.sh index 1331a3482..b2a252f9a 100644 --- a/src/bw/entrypoint.sh +++ b/src/bw/entrypoint.sh @@ -21,7 +21,7 @@ trap "trap_exit" TERM INT QUIT # trap SIGHUP function trap_reload() { log "ENTRYPOINT" "ℹ️" "Catched reload operation" - if [ -f /var/tmp/bunkerweb/nginx.pid ] ; then + if [ -f /var/run/bunkerweb/nginx.pid ] ; then log "ENTRYPOINT" "ℹ️" "Reloading nginx ..." nginx -s reload if [ $? -eq 0 ] ; then @@ -50,7 +50,7 @@ pid="$!" # wait while nginx is running wait "$pid" -while [ -f "/var/tmp/bunkerweb/nginx.pid" ] ; do +while [ -f "/var/run/bunkerweb/nginx.pid" ] ; do wait "$pid" done diff --git a/src/common/confs/nginx.conf b/src/common/confs/nginx.conf index f284b030a..7df394d45 100644 --- a/src/common/confs/nginx.conf +++ b/src/common/confs/nginx.conf @@ -15,7 +15,7 @@ load_module /usr/share/bunkerweb/modules/ngx_http_brotli_static_module.so; load_module /usr/share/bunkerweb/modules/ngx_stream_lua_module.so; # PID file -pid /var/tmp/bunkerweb/nginx.pid; +pid /var/run/bunkerweb/nginx.pid; # worker number (default = auto) worker_processes {{ WORKER_PROCESSES }}; diff --git a/src/common/gen/main.py b/src/common/gen/main.py index fc0aabcae..53eaf820f 100644 --- a/src/common/gen/main.py +++ b/src/common/gen/main.py @@ -188,7 +188,7 @@ if __name__ == "__main__": and not args.no_linux_reload ): retries = 0 - while not Path(sep, "var", "tmp", "bunkerweb", "nginx.pid").exists(): + while not Path(sep, "var", "run", "bunkerweb", "nginx.pid").exists(): if retries == 5: logger.error( "BunkerWeb's nginx didn't start in time.", diff --git a/src/common/helpers/healthcheck-scheduler.sh b/src/common/helpers/healthcheck-scheduler.sh index e0ba8da08..1e1819f9b 100644 --- a/src/common/helpers/healthcheck-scheduler.sh +++ b/src/common/helpers/healthcheck-scheduler.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [ ! -f /var/tmp/bunkerweb/scheduler.pid ] ; then +if [ ! -f /var/run/bunkerweb/scheduler.pid ] ; then exit 1 fi diff --git a/src/common/helpers/healthcheck-ui.sh b/src/common/helpers/healthcheck-ui.sh index abe65bc40..60e7c9fcc 100644 --- a/src/common/helpers/healthcheck-ui.sh +++ b/src/common/helpers/healthcheck-ui.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [ ! -f /var/tmp/bunkerweb/ui.pid ] ; then +if [ ! -f /var/run/bunkerweb/ui.pid ] ; then exit 1 fi diff --git a/src/common/helpers/healthcheck.sh b/src/common/helpers/healthcheck.sh index 3fd840d7e..c0b591526 100644 --- a/src/common/helpers/healthcheck.sh +++ b/src/common/helpers/healthcheck.sh @@ -1,6 +1,6 @@ #!/bin/bash -if [ ! -f /var/tmp/bunkerweb/nginx.pid ] ; then +if [ ! -f /var/run/bunkerweb/nginx.pid ] ; then exit 1 fi diff --git a/src/linux/Dockerfile-centos b/src/linux/Dockerfile-centos index 4ddc651b7..237355ff6 100644 --- a/src/linux/Dockerfile-centos +++ b/src/linux/Dockerfile-centos @@ -63,6 +63,7 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/cache/bunkerweb/ && \ mkdir -p /etc/bunkerweb/plugins && \ mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/run/bunkerweb/ && \ mkdir -p /var/www/html && \ mkdir -p /var/lib/bunkerweb && \ #mkdir /var/www/html && \ @@ -71,7 +72,7 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ && \ chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www && \ # Don't forget to add /var/www/html on the above line find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ diff --git a/src/linux/Dockerfile-debian b/src/linux/Dockerfile-debian index 434b4b8b4..86ab9d648 100644 --- a/src/linux/Dockerfile-debian +++ b/src/linux/Dockerfile-debian @@ -68,6 +68,7 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/cache/bunkerweb/ && \ mkdir -p /etc/bunkerweb/plugins && \ mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/run/bunkerweb/ && \ mkdir -p /var/www/ && \ mkdir -p /var/lib/bunkerweb && \ mkdir /var/www/html && \ @@ -76,7 +77,7 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ && \ chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ # Don't forget to add /var/www/html on the above line find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ diff --git a/src/linux/Dockerfile-fedora b/src/linux/Dockerfile-fedora index f05e39b24..8233a7ac3 100644 --- a/src/linux/Dockerfile-fedora +++ b/src/linux/Dockerfile-fedora @@ -62,12 +62,13 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/cache/bunkerweb/ && \ mkdir -p /etc/bunkerweb/plugins && \ mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/run/bunkerweb/ && \ mkdir -p /var/www/html && \ mkdir -p /var/lib/bunkerweb && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ && \ chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ chmod 755 /usr/share/bunkerweb diff --git a/src/linux/Dockerfile-rhel b/src/linux/Dockerfile-rhel index 197e21d65..59095f376 100644 --- a/src/linux/Dockerfile-rhel +++ b/src/linux/Dockerfile-rhel @@ -76,12 +76,13 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/cache/bunkerweb/ && \ mkdir -p /etc/bunkerweb/plugins && \ mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/run/bunkerweb/ && \ mkdir -p /var/www/html && \ mkdir -p /var/lib/bunkerweb && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ && \ chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ chmod 755 /usr/share/bunkerweb diff --git a/src/linux/Dockerfile-ubuntu b/src/linux/Dockerfile-ubuntu index 155228bf0..a11743909 100644 --- a/src/linux/Dockerfile-ubuntu +++ b/src/linux/Dockerfile-ubuntu @@ -65,12 +65,13 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ mkdir -p /var/cache/bunkerweb/ && \ mkdir -p /etc/bunkerweb/plugins && \ mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/run/bunkerweb/ && \ mkdir -p /var/www/html && \ mkdir -p /var/lib/bunkerweb && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ /var/run/bunkerweb/ && \ chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ chmod 755 /usr/share/bunkerweb diff --git a/src/linux/bunkerweb-ui.service b/src/linux/bunkerweb-ui.service index c98a414d9..360b5cc10 100644 --- a/src/linux/bunkerweb-ui.service +++ b/src/linux/bunkerweb-ui.service @@ -6,7 +6,7 @@ After=bunkerweb.service [Service] Restart=no User=nginx -PIDFile=/var/tmp/bunkerweb/ui.pid +PIDFile=/var/run/bunkerweb/ui.pid ExecStart=/usr/share/bunkerweb/scripts/bunkerweb-ui.sh start ExecStop=/usr/share/bunkerweb/scripts/bunkerweb-ui.sh stop ExecReload=/usr/share/bunkerweb/scripts/bunkerweb-ui.sh reload diff --git a/src/linux/bunkerweb.service b/src/linux/bunkerweb.service index d59a69f79..4aec40a8e 100644 --- a/src/linux/bunkerweb.service +++ b/src/linux/bunkerweb.service @@ -6,7 +6,7 @@ After=network.target [Service] Restart=no User=root -PIDFile=/var/tmp/bunkerweb/scheduler.pid +PIDFile=/var/run/bunkerweb/scheduler.pid ExecStart=/usr/share/bunkerweb/scripts/start.sh start ExecStop=/usr/share/bunkerweb/scripts/start.sh stop ExecReload=/usr/share/bunkerweb/scripts/start.sh reload diff --git a/src/linux/fpm-centos b/src/linux/fpm-centos index bab8fac5a..4df30b038 100644 --- a/src/linux/fpm-centos +++ b/src/linux/fpm-centos @@ -10,4 +10,4 @@ --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh --after-install /usr/share/bunkerweb/scripts/postinstall.sh --after-remove /usr/share/bunkerweb/scripts/afterRemoveRPM.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/run/bunkerweb=/var/run/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb diff --git a/src/linux/fpm-debian b/src/linux/fpm-debian index 011b9a493..8571be85a 100644 --- a/src/linux/fpm-debian +++ b/src/linux/fpm-debian @@ -10,4 +10,4 @@ --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh --after-install /usr/share/bunkerweb/scripts/postinstall.sh --after-remove /usr/share/bunkerweb/scripts/afterRemoveDEB.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/run/bunkerweb=/var/run/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb diff --git a/src/linux/fpm-fedora b/src/linux/fpm-fedora index 07b389fe9..d094104d7 100644 --- a/src/linux/fpm-fedora +++ b/src/linux/fpm-fedora @@ -10,4 +10,4 @@ --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh --after-install /usr/share/bunkerweb/scripts/postinstall.sh --after-remove /usr/share/bunkerweb/scripts/afterRemoveRPM.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/run/bunkerweb=/var/run/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb diff --git a/src/linux/fpm-rhel b/src/linux/fpm-rhel index 893dc3a6b..f5de7ec23 100644 --- a/src/linux/fpm-rhel +++ b/src/linux/fpm-rhel @@ -10,4 +10,4 @@ --before-install /usr/share/bunkerweb/scripts/beforeInstall.sh --after-install /usr/share/bunkerweb/scripts/postinstall.sh --after-remove /usr/share/bunkerweb/scripts/afterRemoveRPM.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/run/bunkerweb=/var/run/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb diff --git a/src/linux/fpm-ubuntu b/src/linux/fpm-ubuntu index 429c30a5d..a03376cb2 100644 --- a/src/linux/fpm-ubuntu +++ b/src/linux/fpm-ubuntu @@ -11,4 +11,4 @@ --after-install /usr/share/bunkerweb/scripts/postinstall.sh --after-remove /usr/share/bunkerweb/scripts/afterRemoveDEB.sh --deb-no-default-config-files -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/run/bunkerweb=/var/run/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /lib/systemd/system/bunkerweb.service=/lib/systemd/system/bunkerweb.service /lib/systemd/system/bunkerweb-ui.service=/lib/systemd/system/bunkerweb-ui.service /var/lib/bunkerweb=/var/lib/bunkerweb diff --git a/src/linux/scripts/bunkerweb-ui.sh b/src/linux/scripts/bunkerweb-ui.sh index 52297982e..63df473ed 100755 --- a/src/linux/scripts/bunkerweb-ui.sh +++ b/src/linux/scripts/bunkerweb-ui.sh @@ -16,14 +16,14 @@ start() { source /etc/bunkerweb/ui.env export $(cat /etc/bunkerweb/ui.env) python3 -m gunicorn --config /usr/share/bunkerweb/ui/gunicorn.conf.py main:app --bind 127.0.0.1:7000 & - echo $! > /var/tmp/bunkerweb/ui.pid + echo $! > /var/run/bunkerweb/ui.pid } # Function to stop the UI stop() { echo "Stopping UI service..." - if [ -f "/var/tmp/bunkerweb/ui.pid" ]; then - pid=$(cat /var/tmp/bunkerweb/ui.pid) + if [ -f "/var/run/bunkerweb/ui.pid" ]; then + pid=$(cat /var/run/bunkerweb/ui.pid) kill -s TERM $pid else echo "UI service is not running or the pid file doesn't exist." diff --git a/src/linux/scripts/postinstall.sh b/src/linux/scripts/postinstall.sh index c0d214d41..746ff1e39 100644 --- a/src/linux/scripts/postinstall.sh +++ b/src/linux/scripts/postinstall.sh @@ -23,7 +23,7 @@ function do_and_check_cmd() { # Give all the permissions to the nginx user echo "Setting ownership for all necessary directories to nginx user and group..." -do_and_check_cmd chown -R nginx:nginx /usr/share/bunkerweb /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb +do_and_check_cmd chown -R nginx:nginx /usr/share/bunkerweb /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb # Stop and disable nginx on boot echo "Stop and disable nginx on boot..." diff --git a/src/linux/scripts/start.sh b/src/linux/scripts/start.sh index 07df62b5f..8cb0c7bc2 100644 --- a/src/linux/scripts/start.sh +++ b/src/linux/scripts/start.sh @@ -45,8 +45,8 @@ function stop_nginx() { } function stop_scheduler() { - if [ -f "/var/tmp/bunkerweb/scheduler.pid" ] ; then - scheduler_pid=$(cat "/var/tmp/bunkerweb/scheduler.pid") + if [ -f "/var/run/bunkerweb/scheduler.pid" ] ; then + scheduler_pid=$(cat "/var/run/bunkerweb/scheduler.pid") log "SYSTEMCTL" "ℹ️ " "Stopping scheduler..." kill -SIGINT "$scheduler_pid" if [ $? -ne 0 ] ; then @@ -58,7 +58,7 @@ function stop_scheduler() { return 0 fi count=0 - while [ -f "/var/tmp/bunkerweb/scheduler.pid" ] ; do + while [ -f "/var/run/bunkerweb/scheduler.pid" ] ; do sleep 1 count=$(($count + 1)) if [ $count -ge 10 ] ; then @@ -171,7 +171,7 @@ function reload() log "SYSTEMCTL" "ℹ️" "Reloading BunkerWeb service ..." - PID_FILE_PATH="/var/tmp/bunkerweb/scheduler.pid" + PID_FILE_PATH="/var/run/bunkerweb/scheduler.pid" if [ -f "$PID_FILE_PATH" ]; then var=$(cat "$PID_FILE_PATH") diff --git a/src/scheduler/Dockerfile b/src/scheduler/Dockerfile index 070bf2920..05af7131d 100644 --- a/src/scheduler/Dockerfile +++ b/src/scheduler/Dockerfile @@ -55,6 +55,7 @@ RUN apk add --no-cache bash libgcc libstdc++ openssl && \ cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \ mkdir -p /var/tmp/bunkerweb && \ + mkdir -p /var/run/bunkerweb && \ mkdir -p /var/www && \ mkdir -p /etc/bunkerweb && \ mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \ @@ -64,8 +65,8 @@ RUN apk add --no-cache bash libgcc libstdc++ openssl && \ for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \ chown -R root:scheduler /data && \ chmod -R 770 /data && \ - chown -R root:scheduler /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /usr/bin/bwcli && \ - chmod -R 770 /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb && \ + chown -R root:scheduler /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb /usr/bin/bwcli && \ + chmod -R 770 /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ chmod 750 /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/gen/*.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/scheduler/entrypoint.sh /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/deps/python/bin/* /usr/bin/bwcli && \ mkdir -p /etc/nginx && \ diff --git a/src/scheduler/entrypoint.sh b/src/scheduler/entrypoint.sh index 89f8c95c3..57dcc69a9 100755 --- a/src/scheduler/entrypoint.sh +++ b/src/scheduler/entrypoint.sh @@ -5,15 +5,15 @@ # trap SIGTERM and SIGINT function trap_exit() { log "ENTRYPOINT" "ℹ️ " "Catched stop operation" - if [ -f "/var/tmp/bunkerweb/scheduler.pid" ] ; then + if [ -f "/var/run/bunkerweb/scheduler.pid" ] ; then log "ENTRYPOINT" "ℹ️ " "Stopping job scheduler ..." - kill -s TERM "$(cat /var/tmp/bunkerweb/scheduler.pid)" + kill -s TERM "$(cat /var/run/bunkerweb/scheduler.pid)" fi } trap "trap_exit" TERM INT QUIT -if [ -f /var/tmp/bunkerweb/scheduler.pid ] ; then - rm -f /var/tmp/bunkerweb/scheduler.pid +if [ -f /var/run/bunkerweb/scheduler.pid ] ; then + rm -f /var/run/bunkerweb/scheduler.pid fi log "ENTRYPOINT" "ℹ️" "Starting the job scheduler v$(cat /usr/share/bunkerweb/VERSION) ..." @@ -44,7 +44,7 @@ log "ENTRYPOINT" "ℹ️ " "Executing scheduler ..." /usr/share/bunkerweb/scheduler/main.py & pid="$!" wait "$pid" -while [ -f /var/tmp/bunkerweb/scheduler.pid ] ; do +while [ -f /var/run/bunkerweb/scheduler.pid ] ; do wait "$pid" done diff --git a/src/scheduler/main.py b/src/scheduler/main.py index 576de1563..0060f5c46 100644 --- a/src/scheduler/main.py +++ b/src/scheduler/main.py @@ -83,7 +83,7 @@ signal(SIGHUP, handle_reload) def stop(status): - Path(sep, "var", "tmp", "bunkerweb", "scheduler.pid").unlink(missing_ok=True) + Path(sep, "var", "run", "bunkerweb", "scheduler.pid").unlink(missing_ok=True) Path(sep, "var", "tmp", "bunkerweb", "scheduler.healthy").unlink(missing_ok=True) _exit(status) @@ -172,7 +172,7 @@ def generate_external_plugins( if __name__ == "__main__": try: # Don't execute if pid file exists - pid_path = Path(sep, "var", "tmp", "bunkerweb", "scheduler.pid") + pid_path = Path(sep, "var", "run", "bunkerweb", "scheduler.pid") if pid_path.is_file(): logger.error( "Scheduler is already running, skipping execution ...", @@ -507,7 +507,7 @@ if __name__ == "__main__": i = 0 while i < 20: if not Path( - sep, "var", "tmp", "bunkerweb", "nginx.pid" + sep, "var", "run", "bunkerweb", "nginx.pid" ).is_file(): break logger.warning("Waiting for temp nginx to stop ...") diff --git a/src/ui/Dockerfile b/src/ui/Dockerfile index 1c96d3797..63e903d7d 100755 --- a/src/ui/Dockerfile +++ b/src/ui/Dockerfile @@ -51,6 +51,7 @@ RUN apk add --no-cache bash && \ adduser -h /var/cache/nginx -g ui -s /bin/sh -G ui -D -H -u 101 ui && \ echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \ mkdir -p /var/tmp/bunkerweb && \ + mkdir -p /var/run/bunkerweb && \ mkdir -p /etc/bunkerweb && \ mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \ mkdir -p /data/lib && ln -s /data/lib /var/lib/bunkerweb && \ @@ -59,8 +60,8 @@ RUN apk add --no-cache bash && \ for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \ chown -R root:ui /data && \ chmod -R 770 /data && \ - chown -R root:ui /usr/share/bunkerweb/INTEGRATION /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/log/nginx && \ - chmod 770 /var/cache/bunkerweb /var/lib/bunkerweb /var/tmp/bunkerweb /var/log/nginx/ui.log && \ + chown -R root:ui /usr/share/bunkerweb/INTEGRATION /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb /var/log/nginx && \ + chmod 770 /var/cache/bunkerweb /var/lib/bunkerweb /var/tmp/bunkerweb /var/run/bunkerweb /var/log/nginx/ui.log && \ chmod 750 /usr/share/bunkerweb/gen/*.py /usr/share/bunkerweb/ui/*.py /usr/share/bunkerweb/ui/src/*.py /usr/share/bunkerweb/deps/python/bin/* /usr/share/bunkerweb/helpers/*.sh && \ chmod 660 /usr/share/bunkerweb/INTEGRATION && \ chown root:ui /usr/share/bunkerweb/INTEGRATION diff --git a/src/ui/gunicorn.conf.py b/src/ui/gunicorn.conf.py index 6a48c89a6..6fd51c2a6 100644 --- a/src/ui/gunicorn.conf.py +++ b/src/ui/gunicorn.conf.py @@ -9,7 +9,7 @@ access_log_format = ( ) errorlog = "-" preload_app = True -pidfile = join(sep, "var", "tmp", "bunkerweb", "ui.pid") +pidfile = join(sep, "var", "run", "bunkerweb", "ui.pid") user = "ui" group = "ui" secure_scheme_headers = { diff --git a/src/ui/main.py b/src/ui/main.py index aeb347a97..5a618786e 100755 --- a/src/ui/main.py +++ b/src/ui/main.py @@ -97,7 +97,7 @@ def stop_gunicorn(): def stop(status, stop=True): - Path(sep, "var", "tmp", "bunkerweb", "ui.pid").unlink(missing_ok=True) + Path(sep, "var", "run", "bunkerweb", "ui.pid").unlink(missing_ok=True) Path(sep, "var", "tmp", "bunkerweb", "ui.healthy").unlink(missing_ok=True) if stop is True: stop_gunicorn() diff --git a/src/ui/src/Instances.py b/src/ui/src/Instances.py index c60020196..1a9de22d8 100644 --- a/src/ui/src/Instances.py +++ b/src/ui/src/Instances.py @@ -251,7 +251,7 @@ class Instances: "127.0.0.1", "local", "up" - if Path(sep, "var", "tmp", "bunkerweb", "nginx.pid").exists() + if Path(sep, "var", "run", "bunkerweb", "nginx.pid").exists() else "down", None, ApiCaller(