diff --git a/src/linux/Dockerfile-centos b/src/linux/Dockerfile-centos index 65625c1e2..2c43aedcc 100644 --- a/src/linux/Dockerfile-centos +++ b/src/linux/Dockerfile-centos @@ -26,14 +26,23 @@ RUN dnf install yum-utils -y && \ dnf install nginx-1.20.2 -y # Compile and install dependencies -RUN dnf install -y python39-pip brotli brotli-devel gperftools-devel perl libxslt-devel libxml2 libxslt bash gd gd-devel gcc-c++ kernel-devel curl znc-modtcl libmpc-devel gmp-devel gawk mpfr-devel libtool pcre-devel automake autoconf readline-devel gcc make openssl-devel git zlib-devel libxml2-devel pkgconf libcurl-devel geoip-devel lmdb-libs && \ +RUN dnf install -y python39-pip brotli brotli-devel wget gperftools-devel perl libxslt-devel libxml2 libxslt bash gd gd-devel gcc-c++ kernel-devel curl znc-modtcl libmpc-devel gmp-devel gawk mpfr-devel libtool pcre-devel automake autoconf readline-devel gcc make openssl-devel git zlib-devel libxml2-devel pkgconf libcurl-devel geoip-devel lmdb-libs && \ mkdir -p /usr/share/bunkerweb/deps && \ chmod +x /tmp/bunkerweb/deps/install.sh && \ bash /tmp/bunkerweb/deps/install.sh && \ - mkdir /usr/share/bunkerweb/deps/python && \ - # Dirty fix to avoid errors with --target and packages same namespace - cp -r /usr/lib64/python3.9/* /usr/lib/python3.9/ && \ - PYTHONPLATLIBDIR=lib pip3.9 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt + mkdir /usr/share/bunkerweb/deps/python + +# Install python 3.10 +RUN wget https://www.python.org/ftp/python/3.10.8/Python-3.10.8.tgz && \ + tar -xvf Python-3.10.8.tgz && \ + cd Python-3.10.8 && \ + ./configure --enable-optimizations && \ + make altinstall && \ + cd .. && \ + rm -rf Python-3.10.8 && \ + rm -rf Python-3.10.8.tgz + +RUN pip3.10 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt # Copy files # can't exclude deps from . so we are copying everything by hand @@ -53,33 +62,40 @@ COPY src/scheduler /usr/share/bunkerweb/scheduler COPY src/ui /usr/share/bunkerweb/ui COPY src/VERSION /usr/share/bunkerweb/VERSION +# Setup BW RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ chmod 755 /usr/bin/bwcli && \ - mkdir /etc/bunkerweb/configs && \ - mkdir /var/cache/bunkerweb/ && \ - mkdir /etc/bunkerweb/plugins && \ - mkdir /var/tmp/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/configs && \ + mkdir -p /var/cache/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/plugins && \ + mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/www && \ #mkdir /var/www/html && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ + #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ + #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py && \ + chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www && \ + # Don't forget to add /var/www/html on the above line find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ - pip3.9 install --no-cache-dir --require-hashes --no-deps --target /usr/bin/bunkerweb/deps/python -r /usr/bin/bunkerweb/ui/deps/requirements.txt && \ + pip3.10 install --no-cache-dir --upgrade pip && \ + pip3.10 install wheel && \ + mkdir -p /usr/share/bunkerweb/ui/deps/python && \ + pip3.10 install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ + pip3.10 install --no-cache-dir gunicorn && \ chmod 755 /usr/share/bunkerweb # Copy Linux files -COPY src/linux/variables.env /etc/bunkerweb/variables.env -COPY src/linux/ui.env /etc/bunkerweb/ui.env COPY src/linux/scripts /usr/share/bunkerweb/scripts COPY src/linux/fpm.sh /usr/share/fpm.sh RUN chmod +x /usr/share/bunkerweb/scripts/*.sh /usr/share/fpm.sh COPY src/linux/fpm-ubuntu /usr/share/.fpm -COPY src/linux/bunkerweb.service /usr/share/bunkerweb.service -COPY src/linux/bunkerweb-ui.service /usr/share/bunkerweb-ui.service +COPY src/linux/bunkerweb.service /etc/systemd/system/bunkerweb.service +COPY src/linux/bunkerweb-ui.service /etc/systemd/system/bunkerweb-ui.service # Generate DEB at startup VOLUME /data WORKDIR /usr/share/ -ENTRYPOINT ["/usr/share/fpm.sh", "deb"] +ENTRYPOINT ["/usr/share/fpm.sh", "rpm"] diff --git a/src/linux/Dockerfile-debian b/src/linux/Dockerfile-debian index 42c983e62..609e2d286 100644 --- a/src/linux/Dockerfile-debian +++ b/src/linux/Dockerfile-debian @@ -9,7 +9,7 @@ RUN apt update && \ gem install fpm # Copy dependencies sources folder -COPY src/common/deps /tmp/bunkerweb/deps +COPY src/deps /tmp/bunkerweb/deps COPY src/scheduler/requirements.txt /tmp/req/requirements.txt COPY src/ui/requirements.txt /tmp/req/requirements.txt.1 COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.2 @@ -34,8 +34,11 @@ RUN apt update && \ mkdir -p /usr/share/bunkerweb/deps && \ chmod +x /tmp/bunkerweb/deps/install.sh && \ bash /tmp/bunkerweb/deps/install.sh && \ - mkdir /usr/share/bunkerweb/deps/python && \ - pip3 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt + mkdir /usr/share/bunkerweb/deps/python + + # Dirty fix to avoid errors with --target and packages same namespace +RUN pip install --no-deps --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt + # Copy files # can't exclude deps from . so we are copying everything by hand COPY src/bw/loading /usr/share/bunkerweb/loading @@ -57,10 +60,11 @@ COPY src/VERSION /usr/share/bunkerweb/VERSION # Setup BW RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ chmod 755 /usr/bin/bwcli && \ - mkdir /etc/bunkerweb/configs && \ - mkdir /var/cache/bunkerweb/ && \ - mkdir /etc/bunkerweb/plugins && \ - mkdir /var/tmp/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/configs && \ + mkdir -p /var/cache/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/plugins && \ + mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/www/ && \ #mkdir /var/www/html && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. @@ -68,25 +72,23 @@ RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ #It's a find command that will find all files in the bunkerweb directory, excluding the ui/deps directory, and then chmod them to 0740. find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py && \ + chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ # Don't forget to add /var/www/html on the above line find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ pip install --no-cache-dir --upgrade pip && \ pip install wheel && \ - mkdir /usr/share/bunkerweb/ui/deps/python && \ - pip install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/ui/deps/requirements.txt && \ + mkdir -p /usr/share/bunkerweb/ui/deps/python && \ + pip install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ pip install --no-cache-dir gunicorn && \ chmod 755 /usr/share/bunkerweb # Copy Linux files -COPY src/linux/variables.env /etc/bunkerweb/variables.env -COPY src/linux/ui.env /etc/bunkerweb/ui.env COPY src/linux/scripts /usr/share/bunkerweb/scripts COPY src/linux/fpm.sh /usr/share/fpm.sh RUN chmod +x /usr/share/bunkerweb/scripts/*.sh /usr/share/fpm.sh COPY src/linux/fpm-ubuntu /usr/share/.fpm -COPY src/linux/bunkerweb.service /usr/share/bunkerweb.service -COPY src/linux/bunkerweb-ui.service /usr/share/bunkerweb-ui.service +COPY src/linux/bunkerweb.service /etc/systemd/system/bunkerweb.service +COPY src/linux/bunkerweb-ui.service /etc/systemd/system/bunkerweb-ui.service # Generate DEB at startup VOLUME /data diff --git a/src/linux/Dockerfile-fedora b/src/linux/Dockerfile-fedora index e4da5c9c0..ce9076cf8 100644 --- a/src/linux/Dockerfile-fedora +++ b/src/linux/Dockerfile-fedora @@ -13,7 +13,7 @@ RUN dnf update -y && \ dnf install nginx-1.20.2 -y # Copy dependencies sources folder -COPY src/common/deps /tmp/bunkerweb/deps +COPY src/deps /tmp/bunkerweb/deps COPY src/scheduler/requirements.txt /tmp/req/requirements.txt COPY src/ui/requirements.txt /tmp/req/requirements.txt.1 COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.2 @@ -54,30 +54,33 @@ COPY src/VERSION /usr/share/bunkerweb/VERSION # Setup BW RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ chmod 755 /usr/bin/bwcli && \ - mkdir /etc/bunkerweb/configs && \ - mkdir /var/cache/bunkerweb/ && \ - mkdir /etc/bunkerweb/plugins && \ - mkdir /var/tmp/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/configs && \ + mkdir -p /var/cache/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/plugins && \ + mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/www/ && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \ - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \ + find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ + find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py && \ + chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ - pip install --no-cache-dir --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/ui/deps/requirements.txt && \ + pip install --no-cache-dir --upgrade pip && \ + pip install wheel && \ + mkdir -p /usr/share/bunkerweb/ui/deps/python && \ + pip install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ + pip install --no-cache-dir gunicorn && \ chmod 755 /usr/share/bunkerweb # Copy Linux files -COPY src/linux/variables.env /etc/bunkerweb/variables.env -COPY src/linux/ui.env /etc/bunkerweb/ui.env COPY src/linux/scripts /usr/share/bunkerweb/scripts COPY src/linux/fpm.sh /usr/share/fpm.sh RUN chmod +x /usr/share/bunkerweb/scripts/*.sh /usr/share/fpm.sh COPY src/linux/fpm-ubuntu /usr/share/.fpm -COPY src/linux/bunkerweb.service /usr/share/bunkerweb.service -COPY src/linux/bunkerweb-ui.service /usr/share/bunkerweb-ui.service +COPY src/linux/bunkerweb.service /etc/systemd/system/bunkerweb.service +COPY src/linux/bunkerweb-ui.service /etc/systemd/system/bunkerweb-ui.service # Generate DEB at startup VOLUME /data WORKDIR /usr/share/ -ENTRYPOINT ["/usr/share/fpm.sh", "deb"] +ENTRYPOINT ["/usr/share/fpm.sh", "rpm"] diff --git a/src/linux/Dockerfile-rhel b/src/linux/Dockerfile-rhel index b8ebc0f35..71e308f97 100644 --- a/src/linux/Dockerfile-rhel +++ b/src/linux/Dockerfile-rhel @@ -4,7 +4,7 @@ ENV OS=rhel ENV NGINX_VERSION 1.20.2 # RHEL subscription -RUN subscription-manager register --username=username --password=password --auto-attach +RUN subscription-manager register --username=bunkerfrsq --password=aTtWafOi2V3TvdnPmHCw --auto-attach # Install fpm RUN dnf install -y ruby ruby-devel make gcc redhat-rpm-config rpm-build wget && \ @@ -14,12 +14,12 @@ RUN dnf install -y ruby ruby-devel make gcc redhat-rpm-config rpm-build wget && gem install fpm # Nginx -COPY linux/nginx.repo /etc/yum.repos.d/nginx.repo +COPY src/linux/nginx.repo /etc/yum.repos.d/nginx.repo RUN dnf install yum-utils -y && \ dnf install nginx-1.20.2 -y # Copy dependencies sources folder -COPY src/common/deps /tmp/bunkerweb/deps +COPY src/deps /tmp/bunkerweb/deps COPY src/scheduler/requirements.txt /tmp/req/requirements.txt COPY src/ui/requirements.txt /tmp/req/requirements.txt.1 COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.2 @@ -30,12 +30,23 @@ RUN mkdir -p /usr/share/bunkerweb/deps && \ rm -rf /tmp/req # Compile and install dependencies -RUN dnf install -y python39-pip brotli brotli-devel gperftools-devel perl libxslt-devel libxml2 libxslt bash gd gd-devel gcc-c++ kernel-devel curl znc-modtcl libmpc-devel gmp-devel gawk mpfr-devel libtool pcre-devel automake autoconf readline-devel gcc make openssl-devel git zlib-devel libxml2-devel pkgconf libcurl-devel geoip-devel lmdb-libs && \ +RUN dnf install -y wget brotli brotli-devel gperftools-devel perl libxslt-devel libxml2 libxslt bash gd gd-devel gcc-c++ kernel-devel curl znc-modtcl libmpc-devel gmp-devel gawk mpfr-devel libtool pcre-devel automake autoconf readline-devel gcc make openssl-devel git zlib-devel libxml2-devel pkgconf libcurl-devel geoip-devel lmdb-libs && \ mkdir -p /usr/share/bunkerweb/deps && \ chmod +x /tmp/bunkerweb/deps/install.sh && \ bash /tmp/bunkerweb/deps/install.sh && \ - mkdir /usr/share/bunkerweb/deps/python && \ - pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt + mkdir /usr/share/bunkerweb/deps/python + +# Install python 3.10 +RUN wget https://www.python.org/ftp/python/3.10.8/Python-3.10.8.tgz && \ + tar -xvf Python-3.10.8.tgz && \ + cd Python-3.10.8 && \ + ./configure --enable-optimizations && \ + make altinstall && \ + cd .. && \ + rm -rf Python-3.10.8 && \ + rm -rf Python-3.10.8.tgz + +RUN pip3.10 install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt # Copy BW files # can't exclude deps from . so we are copying everything by hand @@ -57,29 +68,32 @@ COPY src/VERSION /usr/share/bunkerweb/VERSION # Setup BW RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ - chmod 755 /usr/bin/bwcli && \ - mkdir /etc/bunkerweb/configs && \ - mkdir /var/cache/bunkerweb/ && \ - mkdir /etc/bunkerweb/plugins && \ - mkdir /var/tmp/bunkerweb/ && \ - echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \ - find /usr/share/bunkerweb -path /usr/share/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \ - chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py && \ - find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ - pip install --no-cache-dir --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/ui/deps/requirements.txt && \ - chmod 755 /usr/share/bunkerweb + chmod 755 /usr/bin/bwcli && \ + mkdir -p /etc/bunkerweb/configs && \ + mkdir -p /var/cache/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/plugins && \ + mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/www/ && \ + echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ + find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ + find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ + chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ + chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ + find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ + pip3.10 install --no-cache-dir --upgrade pip && \ + pip3.10 install wheel && \ + mkdir -p /usr/share/bunkerweb/ui/deps/python && \ + pip3.10 install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ + pip3.10 install --no-cache-dir gunicorn && \ + chmod 755 /usr/share/bunkerweb # Copy Linux files -COPY src/linux/variables.env /etc/bunkerweb/variables.env -COPY src/linux/ui.env /etc/bunkerweb/ui.env COPY src/linux/scripts /usr/share/bunkerweb/scripts COPY src/linux/fpm.sh /usr/share/fpm.sh RUN chmod +x /usr/share/bunkerweb/scripts/*.sh /usr/share/fpm.sh -COPY src/linux/fpm-rhel /usr/share/.fpm -COPY src/linux/bunkerweb.service /usr/share/bunkerweb.service -COPY src/linux/bunkerweb-ui.service /usr/share/bunkerweb-ui.service +COPY src/linux/fpm-ubuntu /usr/share/.fpm +COPY src/linux/bunkerweb.service /etc/systemd/system/bunkerweb.service +COPY src/linux/bunkerweb-ui.service /etc/systemd/system/bunkerweb-ui.service # Generate RPM at startup VOLUME /data diff --git a/src/linux/Dockerfile-ubuntu b/src/linux/Dockerfile-ubuntu index 9e046d78b..a6cbaf598 100644 --- a/src/linux/Dockerfile-ubuntu +++ b/src/linux/Dockerfile-ubuntu @@ -9,7 +9,7 @@ RUN apt update && \ gem install fpm # Copy dependencies sources folder -COPY src/common/deps /tmp/bunkerweb/deps +COPY src/deps /tmp/bunkerweb/deps COPY src/scheduler/requirements.txt /tmp/req/requirements.txt COPY src/ui/requirements.txt /tmp/req/requirements.txt.1 COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.2 @@ -58,27 +58,25 @@ COPY src/VERSION /usr/share/bunkerweb/VERSION # Setup BW RUN cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \ chmod 755 /usr/bin/bwcli && \ - mkdir /etc/bunkerweb/configs && \ - mkdir /var/cache/bunkerweb/ && \ - mkdir /etc/bunkerweb/plugins && \ - mkdir /var/tmp/bunkerweb/ && \ - mkdir -p /var/www/html && \ + mkdir -p /etc/bunkerweb/configs && \ + mkdir -p /var/cache/bunkerweb/ && \ + mkdir -p /etc/bunkerweb/plugins && \ + mkdir -p /var/tmp/bunkerweb/ && \ + mkdir -p /var/www/ && \ echo "Linux" > /usr/share/bunkerweb/INTEGRATION && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type f -exec chmod 0740 {} \; && \ find /usr/share/bunkerweb -path /usr/share/bunkerweb/ui/deps -prune -o -type d -exec chmod 0750 {} \; && \ chmod 770 /var/cache/bunkerweb/ /var/tmp/bunkerweb/ && \ - chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/html && \ + chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/scheduler/main.py /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/share/bunkerweb/ui/main.py /var/www/ && \ find /usr/share/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \ pip install --no-cache-dir --upgrade pip && \ pip install wheel && \ - mkdir /usr/share/bunkerweb/ui/deps/python && \ - pip install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/ui/deps/requirements.txt && \ + mkdir -p /usr/share/bunkerweb/ui/deps/python && \ + pip install --no-cache-dir --require-hashes --no-deps --target /usr/share/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \ pip install --no-cache-dir gunicorn && \ chmod 755 /usr/share/bunkerweb # Copy Linux files -COPY src/linux/variables.env /etc/bunkerweb/variables.env -COPY src/linux/ui.env /etc/bunkerweb/ui.env COPY src/linux/scripts /usr/share/bunkerweb/scripts COPY src/linux/fpm.sh /usr/share/fpm.sh RUN chmod +x /usr/share/bunkerweb/scripts/*.sh /usr/share/fpm.sh diff --git a/src/linux/fpm-centos b/src/linux/fpm-centos index d25088dbc..6522943bf 100644 --- a/src/linux/fpm-centos +++ b/src/linux/fpm-centos @@ -8,6 +8,5 @@ --url "https://www.bunkerweb.io" --maintainer "Bunkerity " --after-install /usr/share/bunkerweb/scripts/postinstall.sh ---before-remove /usr/share/bunkerweb/scripts/beforeRemove.sh --after-remove /usr/share/bunkerweb/scripts/afterRemove.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb bunkerweb.service=/etc/systemd/system/bunkerweb.service bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /etc/systemd/system/bunkerweb.service=/etc/systemd/system/bunkerweb.service /etc/systemd/system/bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file diff --git a/src/linux/fpm-debian b/src/linux/fpm-debian index 718ee4a97..7a9ef1db4 100644 --- a/src/linux/fpm-debian +++ b/src/linux/fpm-debian @@ -8,6 +8,5 @@ --url "https://www.bunkerweb.io" --maintainer "Bunkerity " --after-install /usr/share/bunkerweb/scripts/postinstall.sh ---before-remove /usr/share/bunkerweb/scripts/beforeRemove.sh --after-remove /usr/share/bunkerweb/scripts/afterRemove.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb bunkerweb.service=/etc/systemd/system/bunkerweb.service bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /etc/systemd/system/bunkerweb.service=/etc/systemd/system/bunkerweb.service /etc/systemd/system/bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file diff --git a/src/linux/fpm-fedora b/src/linux/fpm-fedora index 8238120ef..10b70b231 100644 --- a/src/linux/fpm-fedora +++ b/src/linux/fpm-fedora @@ -8,6 +8,5 @@ --url "https://www.bunkerweb.io" --maintainer "Bunkerity " --after-install /usr/share/bunkerweb/scripts/postinstall.sh ---before-remove /usr/share/bunkerweb/scripts/beforeRemove.sh --after-remove /usr/share/bunkerweb/scripts/afterRemove.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb bunkerweb.service=/etc/systemd/system/bunkerweb.service bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /etc/systemd/system/bunkerweb.service=/etc/systemd/system/bunkerweb.service /etc/systemd/system/bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file diff --git a/src/linux/fpm-rhel b/src/linux/fpm-rhel index 26452e295..7ff7d129c 100644 --- a/src/linux/fpm-rhel +++ b/src/linux/fpm-rhel @@ -8,6 +8,5 @@ --url "https://www.bunkerweb.io" --maintainer "Bunkerity " --after-install /usr/share/bunkerweb/scripts/postinstall.sh ---before-remove /usr/share/bunkerweb/scripts/beforeRemove.sh --after-remove /usr/share/bunkerweb/scripts/afterRemove.sh -/usr/share/bunkerweb/=/usr/share/bunkerweb/ bunkerweb.service=/etc/systemd/system/bunkerweb.service bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service /usr/bin/bwcli=/usr/bin/bwcli \ No newline at end of file +/usr/share/bunkerweb/=/usr/share/bunkerweb/ /usr/bin/bwcli=/usr/bin/bwcli /etc/bunkerweb/=/etc/bunkerweb /var/tmp/bunkerweb/=/var/tmp/bunkerweb /var/cache/bunkerweb/=/var/cache/bunkerweb /etc/systemd/system/bunkerweb.service=/etc/systemd/system/bunkerweb.service /etc/systemd/system/bunkerweb-ui.service=/etc/systemd/system/bunkerweb-ui.service \ No newline at end of file diff --git a/src/linux/nginx.repo b/src/linux/nginx.repo new file mode 100644 index 000000000..3894a9f19 --- /dev/null +++ b/src/linux/nginx.repo @@ -0,0 +1,7 @@ +[nginx-stable] +name=nginx stable repo +baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ +gpgcheck=1 +enabled=1 +gpgkey=https://nginx.org/keys/nginx_signing.key +module_hotfixes=true \ No newline at end of file diff --git a/src/linux/scripts/postinstall.sh b/src/linux/scripts/postinstall.sh index df6ac9afb..3c7947a8e 100644 --- a/src/linux/scripts/postinstall.sh +++ b/src/linux/scripts/postinstall.sh @@ -1,7 +1,7 @@ #!/bin/bash # Stop nginx if it's running and remove the old config file if it exists -systemctl stop nginx +systemctl start nginx # Change the ownership of /usr/share/bunkerweb to nginx chown -R nginx:nginx /usr/share/bunkerweb diff --git a/src/linux/scripts/start.sh b/src/linux/scripts/start.sh index d410f1700..74fa89a24 100644 --- a/src/linux/scripts/start.sh +++ b/src/linux/scripts/start.sh @@ -20,10 +20,14 @@ function display_help() export PYTHONPATH=/usr/share/bunkerweb/deps/python/ -# Add nginx to sudoers -if [ ! -f /etc/sudoers.d/bunkerweb ]; then - log "ENTRYPOINT" "ℹ️" "Adding nginx user to sudoers ..." - echo "nginx ALL=(ALL) NOPASSWD: /bin/systemctl restart bunkerweb" > /etc/sudoers.d/bunkerweb +# Create user scheduler if not exists +if ! id -u scheduler > /dev/null 2>&1; then + # Create group scheduler + groupadd scheduler + # Create user scheduler + useradd scheduler -g scheduler + chown -R scheduler:scheduler /usr/share/bunkerweb /var/cache/bunkerweb /var/lib/bunkerweb /etc/bunkerweb /var/tmp/bunkerweb + chown -R scheduler:scheduler /etc/nginx fi ############################################################# @@ -46,45 +50,22 @@ function start() { # setup and check /data folder /usr/share/bunkerweb/helpers/data.sh "ENTRYPOINT" - # trap SIGTERM and SIGINT - function trap_exit() { - log "ENTRYPOINT" "ℹ️ " "Catched stop operation" - if [ -f "/var/tmp/bunkerweb/scheduler.pid" ] ; then - log "ENTRYPOINT" "ℹ️ " "Stopping job scheduler ..." - kill -s TERM "$(cat /var/rmp/bunkerweb/scheduler.pid)" - fi - } - trap "trap_exit" TERM INT QUIT - - # trap SIGHUP - function trap_reload() { - log "ENTRYPOINT" "ℹ️ " "Catched reload operation" - /usr/share/bunkerweb/helpers/scheduler-restart.sh - if [ $? -ne 0 ] ; then - log "ENTRYPOINT" "ℹ️ " "Error while restarting scheduler" - fi - } - trap "trap_reload" HUP - # Init database # generate "temp" config #get_env > "/tmp/variables.env" - echo -e "IS_LOADING=yes\nSERVER_NAME=\nAPI_HTTP_PORT=${API_HTTP_PORT:-5000}\nAPI_SERVER_NAME=${API_SERVER_NAME:-bwapi}\nAPI_WHITELIST_IP=${API_WHITELIST_IP:-127.0.0.0/8}" > /tmp/variables.env - /usr/share/bunkerweb/gen/save_config.py --variables /tmp/variables.env --init + echo -e "IS_LOADING=yes\nSERVER_NAME=\nAPI_HTTP_PORT=${API_HTTP_PORT:-5000}\nAPI_SERVER_NAME=${API_SERVER_NAME:-bwapi}\nAPI_WHITELIST_IP=${API_WHITELIST_IP:-127.0.0.0/8}" > /var/tmp/bunkerweb/variables.env + /usr/share/bunkerweb/gen/save_config.py --variables /var/tmp/bunkerweb/variables.env --init if [ "$?" -ne 0 ] ; then log "ENTRYPOINT" "❌" "Scheduler generator failed" exit 1 fi - - generate=yes - if [ -f "/etc/nginx/variables.env" ] && grep -q "^IS_LOADING=no$" /etc/nginx/variables.env ; then - log "ENTRYPOINT" "⚠️ " "Looks like BunkerWeb configuration is already generated, will not generate it again" - generate=no - fi - # execute jobs log "ENTRYPOINT" "ℹ️ " "Executing scheduler ..." - /usr/share/bunkerweb/scheduler/main.py --generate $generate + /usr/share/bunkerweb/scheduler/main.py --variables /var/tmp/bunkerweb/variables.env + if [ "$?" -ne 0 ] ; then + log "ENTRYPOINT" "❌" "Scheduler failed" + exit 1 + fi log "ENTRYPOINT" "ℹ️ " "Scheduler stopped" exit 0 @@ -96,7 +77,7 @@ function stop() log "ENTRYPOINT" "ℹ️" "Stopping BunkerWeb service ..." # Check if pid file exist and remove it if so - PID_FILE_PATH="/var/rmp/bunkerweb/scheduler.pid" + PID_FILE_PATH="/var/tmp/bunkerweb/scheduler.pid" if [ -f "$PID_FILE_PATH" ]; then var=$(cat "$PID_FILE_PATH") diff --git a/src/scheduler/main.py b/src/scheduler/main.py index 21a39bf34..fb5dfca92 100644 --- a/src/scheduler/main.py +++ b/src/scheduler/main.py @@ -107,8 +107,17 @@ if __name__ == "__main__": integration = "Linux" api_caller = ApiCaller() + # Define db here because otherwhise it will be undefined for Linux + db = Database( + logger, + sqlalchemy_string=getenv("DATABASE_URI", None), + ) + custom_configs = db.get_custom_configs() + # END Define db because otherwhise it will be undefined for Linux + logger.info("Scheduler started ...") + # Checking if the argument variables is true. if args.variables: logger.info(f"Variables : {args.variables}") @@ -243,6 +252,7 @@ if __name__ == "__main__": ) logger.info("Executing scheduler ...") + generate = not exists( "/var/tmp/bunkerweb/variables.env" ) or env != dotenv_values("/var/tmp/bunkerweb/variables.env") @@ -318,12 +328,15 @@ if __name__ == "__main__": # reload nginx if integration == "Linux": logger.info("Reloading nginx ...") - proc = run( - ["/usr/sbin/nginx", "-s", "reload"], - stdin=DEVNULL, - stderr=PIPE, - env=deepcopy(env), - ) + # Reloading the nginx server. + # Had to use this instead of the nginx reload command because it was not working + proc = subprocess_run(["nginx", "-s", "reload"], stdin=DEVNULL, stderr=STDOUT) + # proc = run( + # ["/usr/sbin/nginx", "-s", "reload"], + # stdin=DEVNULL, + # stderr=PIPE, + # env=deepcopy(env), + # ) if proc.returncode == 0: logger.info("Successfuly reloaded nginx") else: