From eba1cc58aa3b7e437f014e8a4b2c5f87221be60c Mon Sep 17 00:00:00 2001 From: florian Date: Sat, 11 May 2024 14:59:43 +0200 Subject: [PATCH] docs - remove ansible and vagrant --- CHANGELOG.md | 1 + README.md | 38 +-- TODO | 5 - docs/concepts.md | 8 +- docs/integrations.md | 578 +++++++++++++++------------------------ docs/plugins.md | 43 --- docs/quickstart-guide.md | 515 ---------------------------------- docs/troubleshooting.md | 40 --- docs/upgrading.md | 4 +- docs/web-ui.md | 109 -------- 10 files changed, 226 insertions(+), 1115 deletions(-) delete mode 100644 TODO diff --git a/CHANGELOG.md b/CHANGELOG.md index b8782bba8..affff4975 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ - [AUTOCONF] Speedup autoconf process when we have multiple events in short period of time - [DOCUMENTATION] Add upgrade procedure for 1.5.7+ - [DOCUMENTATION] Rename Migrating section to Upgrading +- [MISC] Drop support of ansible and vagrant integrations - [MISC] Support custom bwcli commands using plugins - [MISC] Add Docker labels in autoconf, bw, scheduler, and ui Dockerfiles - [DEPS] Update Python base Docker image to version 3.12.3-alpine3.19 diff --git a/README.md b/README.md index 9435e17f6..7ca71f40b 100644 --- a/README.md +++ b/README.md @@ -141,12 +141,10 @@ The first concept is the integration of BunkerWeb into the target environment. W The following integrations are officially supported : - [Docker](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#docker) -- [Docker autoconf](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#docker-autoconf) -- [Swarm](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#swarm) -- [Kubernetes](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#kubernetes) - [Linux](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#linux) -- [Ansible](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#ansible) -- [Vagrant](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#vagrant) +- [Docker autoconf](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#docker-autoconf) +- [Kubernetes](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#kubernetes) +- [Swarm](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#swarm) ## Settings @@ -285,36 +283,6 @@ You will find more information in the [Linux section](https://docs.bunkerweb.io/ > [!IMPORTANT] > As of Ubuntu 24.04, the `nginx` package is not available in the official repository. You will need to use the `jammy` repository to install NGINX 1.24.0. Also we do not yet run automated tests on Ubuntu 24.04, so please consider this version as experimental. -## Ansible - -

- Ansible banner -

- -List of supported Linux distros : - -- Debian 12 "Bookworm" -- Ubuntu 22.04 "Jammy" -- Ubuntu 24.04 "Noble" -- Fedora 39 -- RHEL 8.9 -- RHEL 9.4 - -[Ansible](https://www.ansible.com/) is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates. - -A specific BunkerWeb Ansible role is available on [Ansible Galaxy](https://galaxy.ansible.com/bunkerity/bunkerweb) (source code is available [here](https://github.com/bunkerity/bunkerweb-ansible)). - -You will find more information in the [Ansible section](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#ansible) of the documentation. - -## Vagrant - -We maintain ready to use Vagrant boxes hosted on Vagrant cloud for the following providers : - -- virtualbox -- libvirt - -You will find more information in the [Vagrant section](https://docs.bunkerweb.io/1.5.7/integrations/?utm_campaign=self&utm_source=github#vagrant) of the documentation. - # Quickstart guide Once you have setup BunkerWeb with the integration of your choice, you can follow the [quickstart guide](https://docs.bunkerweb.io/1.5.7/quickstart-guide/?utm_campaign=self&utm_source=github) that will cover the following common use cases : diff --git a/TODO b/TODO deleted file mode 100644 index 7e1bb3dc0..000000000 --- a/TODO +++ /dev/null @@ -1,5 +0,0 @@ -- Ansible -- Vagrant -- Plugins -- Find a way to do rdns in background -- fix db warnings (Got an error reading communication packets) diff --git a/docs/concepts.md b/docs/concepts.md index 3018d10d7..0df134214 100644 --- a/docs/concepts.md +++ b/docs/concepts.md @@ -11,12 +11,10 @@ The first concept is the integration of BunkerWeb into the target environment. W The following integrations are officially supported : - [Docker](integrations.md#docker) -- [Docker autoconf](integrations.md#docker-autoconf) -- [Swarm](integrations.md#swarm) -- [Kubernetes](integrations.md#kubernetes) - [Linux](integrations.md#linux) -- [Ansible](integrations.md#ansible) -- [Vagrant](integrations.md#vagrant) +- [Docker autoconf](integrations.md#docker-autoconf) +- [Kubernetes](integrations.md#kubernetes) +- [Swarm](integrations.md#swarm) If you think that a new integration should be supported, do not hesitate to open a [new issue](https://github.com/bunkerity/bunkerweb/issues) on the GitHub repository. diff --git a/docs/integrations.md b/docs/integrations.md index ef403ae95..b1043450a 100644 --- a/docs/integrations.md +++ b/docs/integrations.md @@ -304,6 +304,222 @@ networks: name: bw-docker ``` +## Linux + +
+ ![Overview](assets/img/integration-linux.svg){ align=center, width="600" } +
Linux integration
+
+ +Supported Linux distributions for BunkerWeb (amd64/x86_64 and arm64/aarch64 architectures) include: + +- Debian 12 "Bookworm" +- Ubuntu 22.04 "Jammy" +- Ubuntu 24.04 "Noble" +- Fedora 39 +- Red Hat Enterprise Linux (RHEL) 8.9 +- Red Hat Enterprise Linux (RHEL) 9.4 + +Please ensure that you have **NGINX 1.24.0 installed before installing BunkerWeb**. For all distributions, except Fedora, it is mandatory to use prebuilt packages from the [official NGINX repository](https://nginx.org/en/linux_packages.html). Compiling NGINX from source or using packages from different repositories will not work with the official prebuilt packages of BunkerWeb. However, you have the option to build BunkerWeb from source. + +To simplify the installation process, Linux package repositories for BunkerWeb are available on [PackageCloud](https://packagecloud.io/bunkerity/bunkerweb). They provide a bash script that automatically adds and trusts the repository. You can follow the provided script for automatic setup, or opt for [manual installation](https://packagecloud.io/bunkerity/bunkerweb/install) instructions if you prefer. + +=== "Debian" + + The first step is to add NGINX official repository : + + ```shell + sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring && \ + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \ + | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \ + echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ + http://nginx.org/packages/debian `lsb_release -cs` nginx" \ + | sudo tee /etc/apt/sources.list.d/nginx.list + ``` + + You should now be able to install NGINX 1.24.0 : + + ```shell + sudo apt update && \ + sudo apt install -y nginx=1.24.0-1~$(lsb_release -cs) + ``` + + !!! warning "Testing/dev version" + If you use the `testing` or `dev` version, you will need to add the `force-bad-version` directive to your `/etc/dpkg/dpkg.cfg` file before installing BunkerWeb. + + ```shell + echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg + ``` + + Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : + + ```shell + export UI_WIZARD=1 + ``` + + And finally install BunkerWeb 1.5.7 : + + ```shell + curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ + sudo apt update && \ + sudo -E apt install -y bunkerweb=1.5.7 + ``` + + To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : + + ```shell + sudo apt-mark hold nginx bunkerweb + ``` + +=== "Ubuntu" + + !!! example "Specifications for Ubuntu 24.04" + As of Ubuntu 24.04, the `nginx` package is not available in the official repository. You will need to use the `jammy` repository to install NGINX 1.24.0. + + Also we do not yet run automated tests on Ubuntu 24.04, so please consider this version as experimental. + + The first step is to add NGINX official repository : + + ```shell + sudo apt install -y curl gnupg2 ca-certificates lsb-release ubuntu-keyring && \ + curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \ + | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \ + echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ + http://nginx.org/packages/ubuntu jammy nginx" \ + | sudo tee /etc/apt/sources.list.d/nginx.list + ``` + + You should now be able to install NGINX 1.24.0 : + + ```shell + sudo apt update && \ + sudo apt install -y nginx=1.24.0-1~jammy + ``` + + !!! warning "Testing/dev version" + If you use the `testing` or `dev` version, you will need to add the `force-bad-version` directive to your `/etc/dpkg/dpkg.cfg` file before installing BunkerWeb. + + ```shell + echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg + ``` + + Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : + + ```shell + export UI_WIZARD=1 + ``` + + And finally install BunkerWeb 1.5.7 : + + ```shell + curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ + sudo apt update && \ + sudo -E apt install -y bunkerweb=1.5.7 + ``` + + To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : + + ```shell + sudo apt-mark hold nginx bunkerweb + ``` + +=== "Fedora" + + Fedora already provides NGINX 1.24.0 that we support : + + ```shell + sudo dnf install -y nginx-1.24.0 + ``` + + Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : + + ```shell + export UI_WIZARD=1 + ``` + + And finally install BunkerWeb 1.5.7 : + + ```shell + curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \ + sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \ + sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \ + sudo dnf makecache && \ + sudo -E dnf install -y bunkerweb-1.5.7 + ``` + + To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : + + ```shell + sudo dnf versionlock add nginx && \ + sudo dnf versionlock add bunkerweb + ``` + +=== "RedHat" + + The first step is to add NGINX official repository. Create the following file at `/etc/yum.repos.d/nginx.repo` : + + ```conf + [nginx-stable] + name=nginx stable repo + baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ + gpgcheck=1 + enabled=1 + gpgkey=https://nginx.org/keys/nginx_signing.key + module_hotfixes=true + + [nginx-mainline] + name=nginx mainline repo + baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ + gpgcheck=1 + enabled=0 + gpgkey=https://nginx.org/keys/nginx_signing.key + module_hotfixes=true + ``` + + You should now be able to install NGINX 1.24.0 : + + ```shell + sudo dnf install nginx-1.24.0 + ``` + + Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : + + ```shell + export UI_WIZARD=1 + ``` + + And finally install BunkerWeb 1.5.7 : + + ```shell + sudo dnf install -y epel-release && \ + curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \ + sudo dnf check-update && \ + sudo -E dnf install -y bunkerweb-1.5.7 + ``` + + To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : + + ```shell + sudo dnf versionlock add nginx && \ + sudo dnf versionlock add bunkerweb + ``` + +The configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file : + +```conf +MY_SETTING_1=value1 +MY_SETTING_2=value2 +... +``` + +BunkerWeb is managed using systemctl : + +- Check BunkerWeb status : `systemctl status bunkerweb` +- Start it if it's stopped : `systemctl start bunkerweb` +- Stop it if it's started : `systemctl stop bunkerweb` +- Reload it to apply new configuration : `systemctl reload bunkerweb` +- And restart it : `systemctl restart bunkerweb` + ## Docker autoconf
@@ -935,364 +1151,4 @@ spec: port: number: 8000 ... -``` - -## Linux - -
- ![Overview](assets/img/integration-linux.svg){ align=center, width="600" } -
Linux integration
-
- -Supported Linux distributions for BunkerWeb (amd64/x86_64 and arm64/aarch64 architectures) include: - -- Debian 12 "Bookworm" -- Ubuntu 22.04 "Jammy" -- Ubuntu 24.04 "Noble" -- Fedora 39 -- Red Hat Enterprise Linux (RHEL) 8.9 -- Red Hat Enterprise Linux (RHEL) 9.4 - -Please ensure that you have **NGINX 1.24.0 installed before installing BunkerWeb**. For all distributions, except Fedora, it is mandatory to use prebuilt packages from the [official NGINX repository](https://nginx.org/en/linux_packages.html). Compiling NGINX from source or using packages from different repositories will not work with the official prebuilt packages of BunkerWeb. However, you have the option to build BunkerWeb from source. - -To simplify the installation process, Linux package repositories for BunkerWeb are available on [PackageCloud](https://packagecloud.io/bunkerity/bunkerweb). They provide a bash script that automatically adds and trusts the repository. You can follow the provided script for automatic setup, or opt for [manual installation](https://packagecloud.io/bunkerity/bunkerweb/install) instructions if you prefer. - -=== "Debian" - - The first step is to add NGINX official repository : - - ```shell - sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring && \ - curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \ - | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \ - echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ - http://nginx.org/packages/debian `lsb_release -cs` nginx" \ - | sudo tee /etc/apt/sources.list.d/nginx.list - ``` - - You should now be able to install NGINX 1.24.0 : - - ```shell - sudo apt update && \ - sudo apt install -y nginx=1.24.0-1~$(lsb_release -cs) - ``` - - !!! warning "Testing/dev version" - If you use the `testing` or `dev` version, you will need to add the `force-bad-version` directive to your `/etc/dpkg/dpkg.cfg` file before installing BunkerWeb. - - ```shell - echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg - ``` - - Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : - - ```shell - export UI_WIZARD=1 - ``` - - And finally install BunkerWeb 1.5.7 : - - ```shell - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ - sudo apt update && \ - sudo -E apt install -y bunkerweb=1.5.7 - ``` - - To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : - - ```shell - sudo apt-mark hold nginx bunkerweb - ``` - -=== "Ubuntu" - - !!! example "Specifications for Ubuntu 24.04" - As of Ubuntu 24.04, the `nginx` package is not available in the official repository. You will need to use the `jammy` repository to install NGINX 1.24.0. - - Also we do not yet run automated tests on Ubuntu 24.04, so please consider this version as experimental. - - The first step is to add NGINX official repository : - - ```shell - sudo apt install -y curl gnupg2 ca-certificates lsb-release ubuntu-keyring && \ - curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \ - | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \ - echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \ - http://nginx.org/packages/ubuntu jammy nginx" \ - | sudo tee /etc/apt/sources.list.d/nginx.list - ``` - - You should now be able to install NGINX 1.24.0 : - - ```shell - sudo apt update && \ - sudo apt install -y nginx=1.24.0-1~jammy - ``` - - !!! warning "Testing/dev version" - If you use the `testing` or `dev` version, you will need to add the `force-bad-version` directive to your `/etc/dpkg/dpkg.cfg` file before installing BunkerWeb. - - ```shell - echo "force-bad-version" | sudo tee -a /etc/dpkg/dpkg.cfg - ``` - - Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : - - ```shell - export UI_WIZARD=1 - ``` - - And finally install BunkerWeb 1.5.7 : - - ```shell - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \ - sudo apt update && \ - sudo -E apt install -y bunkerweb=1.5.7 - ``` - - To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command : - - ```shell - sudo apt-mark hold nginx bunkerweb - ``` - -=== "Fedora" - - Fedora already provides NGINX 1.24.0 that we support : - - ```shell - sudo dnf install -y nginx-1.24.0 - ``` - - Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : - - ```shell - export UI_WIZARD=1 - ``` - - And finally install BunkerWeb 1.5.7 : - - ```shell - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \ - sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \ - sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \ - sudo dnf makecache && \ - sudo -E dnf install -y bunkerweb-1.5.7 - ``` - - To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : - - ```shell - sudo dnf versionlock add nginx && \ - sudo dnf versionlock add bunkerweb - ``` - -=== "RedHat" - - The first step is to add NGINX official repository. Create the following file at `/etc/yum.repos.d/nginx.repo` : - - ```conf - [nginx-stable] - name=nginx stable repo - baseurl=http://nginx.org/packages/centos/$releasever/$basearch/ - gpgcheck=1 - enabled=1 - gpgkey=https://nginx.org/keys/nginx_signing.key - module_hotfixes=true - - [nginx-mainline] - name=nginx mainline repo - baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/ - gpgcheck=1 - enabled=0 - gpgkey=https://nginx.org/keys/nginx_signing.key - module_hotfixes=true - ``` - - You should now be able to install NGINX 1.24.0 : - - ```shell - sudo dnf install nginx-1.24.0 - ``` - - Optional step : if you want to automatically enable the [setup wizard](web-ui.md#setup-wizard) when BunkerWeb is installed, export the following variable : - - ```shell - export UI_WIZARD=1 - ``` - - And finally install BunkerWeb 1.5.7 : - - ```shell - sudo dnf install -y epel-release && \ - curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \ - sudo dnf check-update && \ - sudo -E dnf install -y bunkerweb-1.5.7 - ``` - - To prevent upgrading NGINX and/or BunkerWeb packages when executing `dnf upgrade`, you can use the following command : - - ```shell - sudo dnf versionlock add nginx && \ - sudo dnf versionlock add bunkerweb - ``` - -The configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file : - -```conf -MY_SETTING_1=value1 -MY_SETTING_2=value2 -... -``` - -BunkerWeb is managed using systemctl : - -- Check BunkerWeb status : `systemctl status bunkerweb` -- Start it if it's stopped : `systemctl start bunkerweb` -- Stop it if it's started : `systemctl stop bunkerweb` -- And restart : `systemctl restart bunkerweb` - -## Ansible - -
- ![Overview](assets/img/integration-ansible.svg){ align=center, width="600" } -
Ansible integration
-
- -Supported Linux distributions for BunkerWeb (amd64/x86_64 and arm64/aarch64 architectures) include: - -- Debian 12 "Bookworm" -- Ubuntu 22.04 "Jammy" -- Ubuntu 24.04 "Noble" -- Fedora 39 -- Red Hat Enterprise Linux (RHEL) 8.9 -- Red Hat Enterprise Linux (RHEL) 9.4 - -To simplify the deployment and configuration process, [Ansible](https://docs.ansible.com/ansible/latest/index.html) can be used as an IT automation tool. Ansible enables you to configure systems, deploy software, and perform advanced IT tasks such as continuous deployments or zero downtime rolling updates. - -For BunkerWeb, there is a dedicated Ansible role available on [Ansible Galaxy](https://galaxy.ansible.com/bunkerity/bunkerweb). - -To proceed with the BunkerWeb Ansible role setup, follow these steps: - -1. Begin by creating an inventory file that lists the IP addresses or FQDNs of the remote systems you want to manage. You can either add this information to the `/etc/ansible/hosts` file or create a separate inventory file such as `inventory.yml`. Here's an example using a TOML format: - - ```toml - [mybunkers] - 192.0.2.50 - 192.0.2.51 - 192.0.2.52 - ``` - -2. Next, establish SSH connections to the managed nodes by adding your public SSH keys to the `authorized_keys` file on each remote system. Verify that you can successfully connect to the nodes using SSH. - -3. Create a playbook file, such as `playbook.yml`, which will define the desired configuration using the BunkerWeb Ansible role. Here's an example playbook configuration: - - ```yaml - --- - - hosts: all - become: true - roles: - - bunkerity.bunkerweb - ``` - -4. Execute the playbook using the `ansible-playbook` command, providing the inventory file and the playbook file as arguments. For example: - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -By running the playbook, Ansible will apply the BunkerWeb role to all the hosts specified in the inventory, setting up the desired configuration. - -the configuration of BunkerWeb is done by using specific role variables : - -| Name | Type | Description | Default value | -| :-------------------: | :--------: | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------- | -| `bunkerweb_version` | string | Version of BunkerWeb to install. | `1.5.7` | -| `nginx_version` | string | Version of NGINX to install. | `1.24.0` | -| `freeze_versions` | boolean | Prevent upgrade of BunkerWeb and NGINX when performing packages upgrades. | `true` | -| `variables_env` | string | Path of the variables.env file to configure BunkerWeb. | `files/variables.env` | -| `enable_ui` | boolean | Activate the web UI. | `false` | -| `custom_ui` | string | Path of the ui.env file to configure the web UI. | `files/ui.env` | -| `custom_configs_path` | Dictionary | Each entry is a path of the folder containing custom configurations. Keys are the type of custom configs : `http`, `server-http`, `modsec`, `modsec-crs` and `default-server-http` | empty values | -| `custom_www` | string | Path of the www directory to upload. | empty value | -| `custom_plugins` | string | Path of the plugins directory to upload. | empty value | -| `custom_www_owner` | string | Default owner for www files and folders. | `nginx` | -| `custom_www_group` | string | Default group for www files and folders. | `nginx` | - -## Vagrant - - - -List of supported providers : - -- virtualbox -- libvirt - -!!! note "Supported Base Images" - Please be aware that the provided Vagrant boxes are based **exclusively on Ubuntu 22.04 "Jammy"**. While BunkerWeb supports other Linux distributions, the Vagrant setup currently only supports Ubuntu 22.04 as the base operating system. This ensures a consistent and reliable environment for users who want to deploy BunkerWeb using Vagrant. - -Similar to other BunkerWeb integrations, the Vagrant setup uses **NGINX version 1.24.0**. This specific version is required to ensure compatibility and smooth functioning with BunkerWeb. Additionally, the Vagrant box includes **PHP** pre-installed, providing a ready-to-use environment for hosting PHP-based applications alongside BunkerWeb. - -By using the provided Vagrant box based on Ubuntu 22.04 "Jammy", you benefit from a well-configured and integrated setup, allowing you to focus on developing and securing your applications with BunkerWeb without worrying about the underlying infrastructure. - -Here are the steps to install BunkerWeb using Vagrant on Ubuntu with the supported virtualization providers (VirtualBox, and libvirt): - -1. Make sure you have Vagrant and one of the supported virtualization providers (VirtualBox or libvirt) installed on your system. -2. There are two ways to install the Vagrant box with BunkerWeb: either by using a provided Vagrantfile to configure your virtual machine or by creating a new box based on the existing BunkerWeb Vagrant box, offering you flexibility in how you set up your development environment. - -=== "Vagrantfile" - - ```shell - Vagrant.configure("2") do |config| - config.vm.box = "bunkerity/bunkerweb" - end - ``` - - Depending on the virtualization provider you choose, you may need to install additional plugins: - - * For **libvirt**, install the `vagrant-libvirt plugin`. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **VirtualBox**, install the `vagrant-vbguest` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - -=== "New Vagrant Box" - - ```shell - vagrant init bunkerity/bunkerweb - ``` - - Depending on the virtualization provider you choose, you may need to install additional plugins: - - * For **libvirt**, install the `vagrant-libvirt plugin`. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - * For **VirtualBox**, install the `vagrant-vbguest` plugin. For more information, see the [Vagrant documentation](https://www.vagrantup.com/docs/providers). - -After installing the necessary plugins for your chosen virtualization provider, run the following command to start the virtual machine and install BunkerWeb: - -```shell -vagrant up --provider=virtualbox # or --provider=libvirt -``` - -Finally, to access the virtual machine using SSH, execute the following command: - -```shell -vagrant ssh -``` - -**Example Vagrantfile** - - Here is an example `Vagrantfile` for installing BunkerWeb on Ubuntu 22.04 "Jammy" using the different supported virtualization providers: - -```shell -Vagrant.configure("2") do |config| - # Ubuntu 22.04 "Jammy" - config.vm.box = "bunkerity/bunkerweb" - # Uncomment the desired virtualization provider - # For VirtualBox (default) - config.vm.provider "virtualbox" - # For libvirt - # config.vm.provider "libvirt" -end -``` +``` \ No newline at end of file diff --git a/docs/plugins.md b/docs/plugins.md index 2ef4f11ec..f2f829b9b 100644 --- a/docs/plugins.md +++ b/docs/plugins.md @@ -248,49 +248,6 @@ The first step is to install the plugin by putting the plugin files inside the c chown -R nginx:nginx /etc/bunkerweb/plugins ``` -=== "Ansible" - - When using the [Ansible integration](integrations.md#ansible), you can use the `plugins` variable to set a local folder containing your plugins that will be copied to your BunkerWeb instances. - - Let's assume that you have plugins inside the `bunkerweb-plugins` folder : - - ```shell - git clone https://github.com/bunkerity/bunkerweb-plugins - ``` - - In your Ansible inventory, you can use the `plugins` variable to set the path of plugins folder : - - ```ini - [mybunkers] - 192.168.0.42 ... custom_plugins="{{ playbook_dir }}/bunkerweb-plugins" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - custom_plugins: "{{ playbook_dir }}/bunkerweb-plugins" - roles: - - bunkerity.bunkerweb - ``` - - Run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - When using the [Vagrant integration](integrations.md#vagrant), plugins must be written to the `/etc/bunkerweb/plugins` folder (you will need to do a `vagrant ssh` first) : - - ```shell - git clone https://github.com/bunkerity/bunkerweb-plugins && \ - cp -rp ./bunkerweb-plugins/* /etc/bunkerweb/plugins - ``` - ## Writing a plugin ### Structure diff --git a/docs/quickstart-guide.md b/docs/quickstart-guide.md index 093482af4..b1898d3d8 100644 --- a/docs/quickstart-guide.md +++ b/docs/quickstart-guide.md @@ -255,102 +255,6 @@ You will find more settings about reverse proxy in the [settings section](settin systemctl start bunkerweb ``` -=== "Ansible" - - We will assume that you already have a service running and you want to use BunkerWeb as a reverse-proxy. - - The following command will run a basic HTTP server on the port 8000 and deliver the files in the current directory : - - ```shell - python3 -m http.server -b 127.0.0.1 - ``` - - Content of the `my_variables.env` configuration file : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - SERVER_NAME=www.example.com - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - REVERSE_PROXY_HOST=http://127.0.0.1:8000 - ``` - - In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file : - - ```yaml - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - roles: - - bunkerity.bunkerweb - ``` - - You can now run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - We will assume that you already have the [Vagrant integration](integrations.md#vagrant) stack running on your machine. - - The following command will run a basic HTTP server on the port 8000 and deliver the files in the current directory : - - ```shell - python3 -m http.server -b 127.0.0.1 - ``` - - Configuration of BunkerWeb is done by editing the `/etc/bunkerweb/variables.env` file. - - Connect to your vagrant machine : - - ```shell - vagrant ssh - ``` - - And then you can edit the `variables.env` file in your host machine like this : - - ```conf - SERVER_NAME=www.example.com - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - REVERSE_PROXY_HOST=http://127.0.0.1:8000 - ``` - - Let's check the status of BunkerWeb : - - ```shell - systemctl status bunkerweb - ``` - - If it's already running we can restart it : - - ```shell - systemctl restart bunkerweb - ``` - - Otherwise, we will need to start it : - - ```shell - systemctl start bunkerweb - ``` - ### Multiple applications !!! tip "Testing" @@ -691,106 +595,6 @@ You will find more settings about reverse proxy in the [settings section](settin systemctl start bunkerweb ``` -=== "Ansible" - - We will assume that you already have a service running and you want to use BunkerWeb as a reverse-proxy. - - The following command will run a basic HTTP server on the port 8001 and deliver the files in the current directory (repeat it and change the port if you want to test BunkerWeb) : - - ```shell - python3 -m http.server -b 127.0.0.1 8001 - ``` - - Content of the `my_variables.env` configuration file : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - MULTISITE=yes - SERVER_NAME=app1.example.com app2.example.com app3.example.com - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - app1.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8001 - app2.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8002 - app3.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8003 - ``` - - In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file : - - ```yaml - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - roles: - - bunkerity.bunkerweb - ``` - - You can now run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - We will assume that you already have the [Vagrant integration](integrations.md#vagrant) stack running on your machine. - - First of all, connect to your vagrant machine : - - ```shell - vagrant ssh - ``` - - The following command will run a basic HTTP server on the port 8001 and deliver the files in the current directory (repeat it and change the port if you want to test BunkerWeb) : - - ```shell - python3 -m http.server -b 127.0.0.1 8001 - ``` - - And then you can edit the `variables.env` file in your host machine like this : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - MULTISITE=yes - SERVER_NAME=app1.example.com app2.example.com app3.example.com - USE_REVERSE_PROXY=yes - REVERSE_PROXY_URL=/ - app1.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8001 - app2.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8002 - app3.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:8003 - ``` - - Let's check the status of BunkerWeb : - - ```shell - systemctl status bunkerweb - ``` - - If it's already running we can restart it : - - ```shell - systemctl restart bunkerweb - ``` - - Otherwise, we will need to start it : - - ```shell - systemctl start bunkerweb - ``` - ## Behind load balancer or reverse proxy When BunkerWeb is itself behind a load balancer or a reverse proxy, you need to configure it so it can get the real IP address of the clients. If you don't, the security features will block the IP address of the load balancer or reverse proxy instead of the client's one. @@ -908,56 +712,6 @@ REAL_IP_HEADER=X-Forwarded-For Don't forget to restart the BunkerWeb service once it's done. -=== "Ansible" - - You will need to add the settings to your `my_variables.env` configuration file : - - ```conf - ... - USE_REAL_IP=yes - REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16 - REAL_IP_HEADER=X-Forwarded-For - ... - ``` - - In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file : - - ```yaml - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - roles: - - bunkerity.bunkerweb - ``` - - Run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - You will need to add the settings to the `/etc/bunkerweb/variables.env` file : - - ```conf - ... - USE_REAL_IP=yes - REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16 - REAL_IP_HEADER=X-Forwarded-For - ... - ``` - - Don't forget to restart the BunkerWeb service once it's done. - ### Proxy protocol We will assume the following regarding the load balancers or reverse proxies (you will need to update the settings depending on your configuration) : @@ -1064,58 +818,6 @@ REAL_IP_HEADER=proxy_protocol Don't forget to restart the BunkerWeb service once it's done. -=== "Ansible" - - You will need to add the settings to your `my_variables.env` configuration file : - - ```conf - ... - USE_REAL_IP=yes - USE_PROXY_PROTOCOL=yes - REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16 - REAL_IP_HEADER=proxy_protocol - ... - ``` - - In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file : - - ```yaml - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - roles: - - bunkerity.bunkerweb - ``` - - Run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - You will need to add the settings to the `/etc/bunkerweb/variables.env` file : - - ```conf - ... - USE_REAL_IP=yes - USE_PROXY_PROTOCOL=yes - REAL_IP_FROM=1.2.3.0/24 100.64.0.0/16 - REAL_IP_HEADER=proxy_protocol - ... - ``` - - Don't forget to restart the BunkerWeb service once it's done. - ## Protect UDP/TCP applications !!! warning "Feature is in beta" @@ -1376,66 +1078,6 @@ For complete list of settings regarding `stream` mode, please refer to the [sett Don't forget to restart the BunkerWeb service once it's done. -=== "Ansible" - - You will need to add the settings to your `my_variables.env` configuration file : - - ```conf - ... - SERVER_NAME=app1.example.com app2.example.com - MULTISITE=yes - USE_REVERSE_PROXY=yes - SERVER_TYPE=stream - app1.example.com_REVERSE_PROXY_HOST=myapp1.domain.or.ip:9000 - app1.example.com_LISTEN_STREAM_PORT=10000 - app2.example.com_REVERSE_PROXY_HOST=myapp2.domain.or.ip:9000 - app2.example.com_LISTEN_STREAM_PORT=20000 - ... - ``` - - In your Ansible inventory, you can use the `variables_env` variable to set the path of configuration file : - - ```yaml - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - roles: - - bunkerity.bunkerweb - ``` - - Run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - You will need to add the settings to the `/etc/bunkerweb/variables.env` file : - - ```conf - ... - SERVER_NAME=app1.example.com app2.example.com - MULTISITE=yes - USE_REVERSE_PROXY=yes - SERVER_TYPE=stream - app1.example.com_REVERSE_PROXY_HOST=myapp1.domain.or.ip:9000 - app1.example.com_LISTEN_STREAM_PORT=10000 - app2.example.com_REVERSE_PROXY_HOST=myapp2.domain.or.ip:9000 - app2.example.com_LISTEN_STREAM_PORT=20000 - ... - ``` - - Don't forget to restart the BunkerWeb service once it's done. - ## Custom configurations To customize and add custom configurations to BunkerWeb, you can take advantage of its NGINX foundation. Custom NGINX configurations can be added in different NGINX contexts, including configurations for the ModSecurity Web Application Firewall (WAF), which is a core component of BunkerWeb. More details about ModSecurity configurations can be found [here](security-tuning.md#modsecurity). @@ -1673,71 +1315,6 @@ Some integrations provide more convenient ways to apply configurations, such as Don't forget to restart the BunkerWeb service once it's done. -=== "Ansible" - - The `custom_configs_path[]` variable is a dictionary with configuration types (`http`, `server-http`, `modsec`, `modsec-crs`, `stream` and `server-stream`) as keys and the corresponding values are path containing the configuration files. - - Here is an example for server-http/hello-world.conf : - - ```conf - location /hello { - default_type 'text/plain'; - content_by_lua_block { - ngx.say('world') - } - } - ``` - - And the corresponding `custom_configs_path[server-http]` variable used in your inventory : - - ```yaml - [mybunkers] - 192.168.0.42 custom_configs_path={"server-http": "{{ playbook_dir }}/server-http"} - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - custom_configs_path: { - server-http: "{{ playbook_dir }}/server-http" - } - roles: - - bunkerity.bunkerweb - ``` - - Run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - When using the [Vagrant integration](integrations.md#vagrant), custom configurations must be written to the `/etc/bunkerweb/configs` folder. - - Here is an example for server-http/hello-world.conf : - - ```conf - location /hello { - default_type 'text/plain'; - content_by_lua_block { - ngx.say('world') - } - } - ``` - - Because BunkerWeb runs as an unprivileged user (nginx:nginx), you will need to edit the permissions : - - ```shell - chown -R root:nginx /etc/bunkerweb/configs && \ - chmod -R 770 /etc/bunkerweb/configs - ``` - - Don't forget to restart the BunkerWeb service once it's done. - ## PHP !!! warning "Support is in beta" @@ -2237,98 +1814,6 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma systemctl start bunkerweb ``` -=== "Ansible" - - !!! info "Linux" - Please follow the instruction for Linux integration to create a local `www` folder (permissions are not needed, Ansible will do it for you). - - We will assume that you already have the [Ansible integration](integrations.md#ansible) setup on your machine. - - Content of the `my_variables.env` configuration file : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - MULTISITE=yes - SERVER_NAME=app1.example.com app2.example.com app3.example.com - app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app1.example.com_LOCAL_PHP_PATH=/var/www/html/app1.example.com - app2.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app2.example.com_LOCAL_PHP_PATH=/var/www/html/app2.example.com - app3.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com - ``` - - The `custom_site` variable can be used to specify a directory containing your application files (e.g : `www`) that will be copied to `/var/www/html` and the `custom_www_owner` variable contains the owner that should be set for the files and folders. Here is an example using the Ansible inventory (replace `www-data` with the user running the PHP-FPM service): - - ```ini - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" custom_www="{{ playbook_dir }}/my_app" custom_www_owner="www-data" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - - custom_www: "{{ playbook_dir }}/www" - - custom_www_owner: "www-data" - roles: - - bunkerity.bunkerweb - ``` - - You can now run the playbook : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - !!! info "Linux" - Please follow the instruction for Linux integration to create the `/var/www/html` folder. - - We will assume that you already have the [Vagrant integration](integrations.md#vagrant) stack running on your machine. - - Once PHP files are copied into the `/var/www/html`folder, you can now edit the `/etc/bunkerweb/variable.env` file : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - MULTISITE=yes - SERVER_NAME=app1.example.com app2.example.com app3.example.com - app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app1.example.com_LOCAL_PHP_PATH=/var/www/html/app1.example.com - app2.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app2.example.com_LOCAL_PHP_PATH=/var/www/html/app2.example.com - app3.example.com_LOCAL_PHP=/run/php/php-fpm.sock - app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com - ``` - - Let's check the status of BunkerWeb : - - ```shell - systemctl status bunkerweb - ``` - - If it's already running we can restart it : - - ```shell - systemctl restart bunkerweb - ``` - - Otherwise, we will need to start it : - - ```shell - systemctl start bunkerweb - ``` - ## IPv6 !!! warning "Feature is in beta" diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md index 66c638ee7..89d25c430 100644 --- a/docs/troubleshooting.md +++ b/docs/troubleshooting.md @@ -89,32 +89,6 @@ Here is how you can access the logs, depending on your integration : cat /var/log/bunkerweb/access.log ``` -=== "Ansible" - - For errors related to BunkerWeb services (e.g. not starting), you can use `journalctl` : - ```shell - ansible -i inventory.yml all -a "journalctl -u bunkerweb --no-pager" --become - ``` - - Common logs are located inside the `/var/log/bunkerweb` directory : - ```shell - ansible -i inventory.yml all -a "cat /var/log/bunkerweb/error.log" --become - ansible -i inventory.yml all -a "cat /var/log/bunkerweb/access.log" --become - ``` - -=== "Vagrant" - - For errors related to BunkerWeb services (e.g. not starting), you can use `journalctl` : - ```shell - journalctl -u bunkerweb --no-pager - ``` - - Common logs are located inside the `/var/log/bunkerweb` directory : - ```shell - cat /var/log/bunkerweb/error.log - cat /var/log/bunkerweb/access.log - ``` - ## Permissions Don't forget that BunkerWeb runs as an unprivileged user for obvious security reasons. Double-check the permissions of files and folders used by BunkerWeb, especially if you use custom configurations (more info [here](quickstart-guide.md#custom-configurations)). You will need to set at least **RW** rights on files and **_RWX_** on folders. @@ -267,20 +241,6 @@ You can manually unban an IP which can be useful when doing some tests but it ne sudo bwcli unban 1.2.3.4 ``` -=== "Ansible" - - You can use the `bwcli` command : - ```shell - ansible -i inventory.yml all -a "bwcli unban 1.2.3.4" --become - ``` - -=== "Vagrant" - - You can use the `bwcli` command (as root) : - ```shell - sudo bwcli unban 1.2.3.4 - ``` - ## Whitelisting If you have bots that need to access your website, the recommended way to avoid any false positive is to whitelist them using the [whitelisting feature](security-tuning.md#blacklisting-and-whitelisting). We don't recommend using the `WHITELIST_URI*` or `WHITELIST_USER_AGENT*` settings unless they are set to secret and unpredictable values. Common use cases are : diff --git a/docs/upgrading.md b/docs/upgrading.md index 24f7b4d15..8485c757a 100644 --- a/docs/upgrading.md +++ b/docs/upgrading.md @@ -151,7 +151,7 @@ 3. **Stop the services**: ```bash - systemctl stop bunkerweb-scheduler + systemctl stop bunkerweb systemctl stop bunkerweb-ui ``` @@ -275,7 +275,7 @@ 4. **Stop the services**. ```bash - systemctl stop bunkerweb-scheduler + systemctl stop bunkerweb systemctl stop bunkerweb-ui ``` diff --git a/docs/web-ui.md b/docs/web-ui.md index 0f5f2d305..7b2f37cbe 100644 --- a/docs/web-ui.md +++ b/docs/web-ui.md @@ -1612,112 +1612,3 @@ After a successful login/password combination, you will be prompted to enter you ```shell systemctl restart bunkerweb ``` - -=== "Ansible" - - The installation of the web UI using the [Vagrant integration](integrations.md#linux) is pretty straightforward because it is installed with BunkerWeb. - - Create a `my_ui.env` filed used to configure the web UI : - - ```conf - ADMIN_USERNAME=changeme - ADMIN_PASSWORD=changeme - ``` - - Here is the `my_variables.env` boilerplate you can use : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - SERVER_NAME=www.example.com - MULTISITE=yes - www.example.com_USE_UI=yes - www.example.com_USE_REVERSE_PROXY=yes - www.example.com_REVERSE_PROXY_URL=/changeme - www.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:7000 - www.example.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504 - www.example.com_MAX_CLIENT_SIZE=50m - ``` - - The variable `enable_ui` can be set to `true` in order to activate the web UI service and the variable `custom_ui` can be used to specify the configuration file for the web UI : - - ```ini - [mybunkers] - 192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" enable_ui=true custom_ui="{{ playbook_dir }}/my_ui.env" - ``` - - Or alternatively, in your playbook file : - - ```yaml - - hosts: all - become: true - vars: - - variables_env: "{{ playbook_dir }}/my_variables.env" - - enable_ui: true - - custom_ui: "{{ playbook_dir }}/my_ui.env" - roles: - - bunkerity.bunkerweb - ``` - - - You can now run the playbook and be able to access the web UI : - - ```shell - ansible-playbook -i inventory.yml playbook.yml - ``` - -=== "Vagrant" - - The installation of the web UI using the [Vagrant integration](integrations.md#vagrant) is pretty straightforward because it is installed with BunkerWeb. - - First of all, you will need to get a shell on your Vagrant box : - - ```shell - vagrant ssh - ``` - - The web UI comes as systemd service named `bunkerweb-ui` which is not enabled by default. If you want to start the web UI when on startup you can run the following command : - - ```shell - systemctl enable bunkerweb-ui - ``` - - A dedicated environment file located at `/etc/bunkerweb/ui.env` is used to configure the web UI : - - ```conf - ADMIN_USERNAME=changeme - ADMIN_PASSWORD=changeme - ``` - - Each time you edit the `/etc/bunkerweb/ui.env` file, you will need to restart the service : - - ```shell - systemctl restart bunkerweb-ui - ``` - - Accessing the web UI through BunkerWeb is a classical [reverse proxy setup](quickstart-guide.md#protect-http-applications). Please note that the web UI is listening on the `7000` port and only on the loopback interface. - - Here is the `/etc/bunkerweb/variables.env` boilerplate you can use : - - ```conf - HTTP_PORT=80 - HTTPS_PORT=443 - DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 - API_LISTEN_IP=127.0.0.1 - SERVER_NAME=www.example.com - MULTISITE=yes - www.example.com_USE_UI=yes - www.example.com_USE_REVERSE_PROXY=yes - www.example.com_REVERSE_PROXY_URL=/changeme - www.example.com_REVERSE_PROXY_HOST=http://127.0.0.1:7000 - www.example.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504 - www.example.com_MAX_CLIENT_SIZE=50m - ``` - - Don't forget to restart the `bunkerweb` service : - - ```shell - systemctl restart bunkerweb - ```