Add lost 2FA recovery procedure

Théophile Diot 2024-01-05 17:54:15 +00:00
parent b1d5ab260a
commit e2bfa85600
No known key found for this signature in database
GPG key ID: 248FEA4BAE400D06

@ -288,3 +288,140 @@ If you have bots that need to access your website, the recommended way to avoid
## Timezone
When using container-based integrations, the timezone of the container may not match the one of the host machine. To resolve that, you can set the `TZ` environment variable to the timezone of your choice on your containers (e.g. `TZ=Europe/Paris`). You will find the list of timezone identifiers [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
## Lost 2FA authentication
If you lost your 2FA authentication, you can reset it by following these steps :
### Access your database
=== "SQLite"
=== "Debian and Ubuntu"
Install SQLite:
```shell
sudo apt install sqlite3
```
=== "Fedora and RedHat"
Install SQLite:
```shell
sudo dnf install sqlite
```
=== "Docker"
1. Access you scheduler container
!!! note "Docker arguments"
- the `-u 0` option is to run the command as root (mandatory)
- the `-it` options are to run the command interactively (mandatory)
- `<bunkerweb_scheduler_container>`: the name or ID of your scheduler container
```shell
docker exec -u 0 -it <bunkerweb_scheduler_container> bash
```
2. Install SQLite
```bash
apk add sqlite
```
1. Access your database
!!! note "Database path"
We assume that you are using the default database path. If you are using a custom path, you will need to adapt the command.
```bash
sqlite3 /data/lib/db.sqlite3
```
You should see something like this:
```text
SQLite version <VER> <DATE>
Enter ".help" for usage hints.
sqlite>
```
=== "MariaDB / MySQL"
!!! warning "MariaDB / MySQL only"
The following steps are only valid for MariaDB / MySQL databases. If you are using another database, please refer to the documentation of your database.
=== "Linux"
1. Access your local database
```bash
mysql -u root -p bunkerweb
```
Then enter your password of the database user and you should be able to access your database.
=== "Docker"
1. Access you database container
!!! note "Docker arguments"
- the `-u 0` option is to run the command as root (mandatory)
- the `-it` options are to run the command interactively (mandatory)
- `<bunkerweb_db_container>`: the name or ID of your database container
- `<user>`: the database user
- `<database>`: the database name
```shell
docker exec -u 0 -it <bunkerweb_db_container> mysql -u <user> -p <database>
```
Then enter your password of the database user and you should be able to access your database.
### Check that the admin user exists
!!! note "Database schema"
The database schema is the following:
```sql
id INTEGER PRIMARY KEY AUTOINCREMENT
username VARCHAR(256) NOT NULL UNIQUE
password VARCHAR(60) NOT NULL
is_two_factor_enabled BOOLEAN NOT NULL DEFAULT 0
secret_token VARCHAR(32) DEFAULT NULL
method ("manual" or "ui") NOT NULL DEFAULT 'manual'
```
### Execute the following command:
```sql
SELECT * FROM bw_ui_users;
```
You should see something like this:
```text
1|<username>|<password_hash>|1|<secret_totp_token>|(manual or ui)
```
### Deactivate 2FA
```sql
UPDATE bw_ui_users SET is_two_factor_enabled = 0, secret_token = NULL WHERE id = 1;
```
### Check that the 2FA is deactivated
```sql
SELECT * FROM bw_ui_users;
```
You should see something like this:
```text
1|<username>|<password_hash>|0||(manual or ui)
```
And that's it ! You just have to try to log in once again and the 2FA will not be prompted !
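Review bot: The UPDATE under "Deactivate 2FA" hard-codes `WHERE id = 1`, but nothing in the earlier steps establishes that the admin row has id 1; the "Check that the admin user exists" step only runs `SELECT * FROM bw_ui_users;`. Suggest telling the reader to take the id or username from that SELECT output and use it in the WHERE clause (for example `WHERE username = '<username>'`), so the reset cannot land on the wrong row. Two further points: `SELECT *` prints the password hash and the TOTP secret to the terminal and shell scrollback, and selecting only `id, username, is_two_factor_enabled, method` would be enough for both checks; and the closing line should tell the reader to re-enable 2FA after logging in, since the procedure leaves the account protected by the password alone. Minor: "Access you scheduler container" and "Access you database container" should read "your", and the Docker SQLite steps are numbered 1, 2, 1.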