diff --git a/CHANGELOG.md b/CHANGELOG.md index 6aa8019ad..4837f4f5d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,18 @@ # Changelog -## v1.5.3 - +## v1.5.4 - + +- [BUGFIX] Fix issues with the Linux integration and external databases +- [DOCUMENTATION] Add documentation about the new setup wizard +- [MISC] Add a setup wizard 🧙‍♂️ for the web UI +- [MISC] Refactor database session handling to make it more stable with SQLite +- [MISC] Handle start and stop event of BunkerWeb with the scheduler in Docker +- [MISC] Add conditional block for open file cache in nginx config +- [MISC] Updated core dependencies +- [MISC] Updated python dependencies +- [MISC] Updated Python Docker image to 3.12.0-alpine3.18 in Dockerfiles + +## v1.5.3 - 2023/10/31 - [BUGFIX] Fix BunkerWeb not loading his own settings after a docker restart - [BUGFIX] Fix Custom configs not following the service name after an update on the UI diff --git a/docs/package-lock.json b/docs/package-lock.json index b0623e043..b460d1262 100644 --- a/docs/package-lock.json +++ b/docs/package-lock.json @@ -9,11 +9,11 @@ } }, "node_modules/@babel/code-frame": { - "version": "7.22.13", - "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.22.13.tgz", - "integrity": "sha512-XktuhWlJ5g+3TJXc5upd9Ks1HutSArik6jf2eAjYFyIOf4ej3RN+184cZbzDvbPnuTJIUhPKKJE3cIsYTiAT3w==", + "version": "7.23.5", + "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.23.5.tgz", + "integrity": "sha512-CgH3s1a96LipHCmSUmYFPwY7MNx8C3avkq7i4Wl3cfa662ldtUe4VM1TPXX70pfmrlWTb6jLqTYrZyT2ZTJBgA==", "dependencies": { - "@babel/highlight": "^7.22.13", + "@babel/highlight": "^7.23.4", "chalk": "^2.4.2" }, "engines": { @@ -29,9 +29,9 @@ } }, "node_modules/@babel/highlight": { - "version": "7.22.20", - "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.22.20.tgz", - "integrity": "sha512-dkdMCN3py0+ksCgYmGG8jKeGA/8Tk+gJwSYYlFGxG5lmhfKNoAy004YpLxpS1W2J8m/EK2Ew+yOs9pVRwO89mg==", + "version": "7.23.4", + "resolved": "https://registry.npmjs.org/@babel/highlight/-/highlight-7.23.4.tgz", + "integrity": "sha512-acGdbYSfp2WheJoJm/EBBBLh/ID8KDc64ISZ9DYtBmC8/Q204PZJLHyzeB5qMzJ5trcOkybd78M4x2KWsUq++A==", "dependencies": { "@babel/helper-validator-identifier": "^7.22.20", "chalk": "^2.4.2", @@ -42,9 +42,9 @@ } }, "node_modules/@puppeteer/browsers": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-1.7.1.tgz", - "integrity": "sha512-nIb8SOBgDEMFY2iS2MdnUZOg2ikcYchRrBoF+wtdjieRFKR2uGRipHY/oFLo+2N6anDualyClPzGywTHRGrLfw==", + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/@puppeteer/browsers/-/browsers-1.8.0.tgz", + "integrity": "sha512-TkRHIV6k2D8OlUe8RtG+5jgOF/H98Myx0M6AOafC8DdNVOFiBSFa5cpRDtpm8LXOa9sVwe0+e6Q3FC56X/DZfg==", "dependencies": { "debug": "4.3.4", "extract-zip": "2.0.1", @@ -52,7 +52,7 @@ "proxy-agent": "6.3.1", "tar-fs": "3.0.4", "unbzip2-stream": "1.4.3", - "yargs": "17.7.1" + "yargs": "17.7.2" }, "bin": { "browsers": "lib/cjs/main-cli.js" @@ -67,15 +67,18 @@ "integrity": "sha512-C5Mc6rdnsaJDjO3UpGW/CQTHtCKaYlScZTly4JIu97Jxo/odCiH0ITnDXSJPTOrEKk/ycSZ0AOgTmkDtkOsvIA==" }, "node_modules/@types/node": { - "version": "20.7.2", - "resolved": "https://registry.npmjs.org/@types/node/-/node-20.7.2.tgz", - "integrity": "sha512-RcdC3hOBOauLP+r/kRt27NrByYtDjsXyAuSbR87O6xpsvi763WI+5fbSIvYJrXnt9w4RuxhV6eAXfIs7aaf/FQ==", - "optional": true + "version": "20.10.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-20.10.1.tgz", + "integrity": "sha512-T2qwhjWwGH81vUEx4EXmBKsTJRXFXNZTL4v0gi01+zyBmCwzE6TyHszqX01m+QHTEq+EZNo13NeJIdEqf+Myrg==", + "optional": true, + "dependencies": { + "undici-types": "~5.26.4" + } }, "node_modules/@types/yauzl": { - "version": "2.10.1", - "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.1.tgz", - "integrity": "sha512-CHzgNU3qYBnp/O4S3yv2tXPlvMTq0YWSTVg2/JYLqWZGHwwgJGAwd00poay/11asPq8wLFwHzubyInqHIFmmiw==", + "version": "2.10.3", + "resolved": "https://registry.npmjs.org/@types/yauzl/-/yauzl-2.10.3.tgz", + "integrity": "sha512-oJoftv0LSuaDZE3Le4DbKX+KS9G36NzOeSap90UIK0yMA/NhKJhqlSGtNDORNRaIbQfzjXDrQa0ytJ6mNRGz/Q==", "optional": true, "dependencies": { "@types/node": "*" @@ -212,9 +215,9 @@ } }, "node_modules/chromium-bidi": { - "version": "0.4.28", - "resolved": "https://registry.npmjs.org/chromium-bidi/-/chromium-bidi-0.4.28.tgz", - "integrity": "sha512-2HZ74QlAApJrEwcGlU/sUu0s4VS+FI3CJ09Toc9aE9VemMyhHZXeaROQgJKNRaYMUTUx6qIv1cLBs3F+vfgjSw==", + "version": "0.4.33", + "resolved": "https://registry.npmjs.org/chromium-bidi/-/chromium-bidi-0.4.33.tgz", + "integrity": "sha512-IxoFM5WGQOIAd95qrSXzJUv4eXIrh+RvU3rwwqIiwYuvfE7U/Llj4fejbsJnjJMUYCuGtVQsY2gv7oGl4aTNSQ==", "dependencies": { "mitt": "3.0.1", "urlpattern-polyfill": "9.0.0" @@ -283,9 +286,9 @@ } }, "node_modules/data-uri-to-buffer": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-5.0.1.tgz", - "integrity": "sha512-a9l6T1qqDogvvnw0nKlfZzqsyikEBZBClF39V3TFoKhDtGBqHu2HkuomJc02j5zft8zrUaXEuoicLeW54RkzPg==", + "version": "6.0.1", + "resolved": "https://registry.npmjs.org/data-uri-to-buffer/-/data-uri-to-buffer-6.0.1.tgz", + "integrity": "sha512-MZd3VlchQkp8rdend6vrx7MmVDJzSNTBvghvKjirLkD+WTChA3KUf0jkE68Q4UyctNqI11zZO9/x2Yx+ub5Cvg==", "engines": { "node": ">= 14" } @@ -320,9 +323,9 @@ } }, "node_modules/devtools-protocol": { - "version": "0.0.1179426", - "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.1179426.tgz", - "integrity": "sha512-KKC7IGwdOr7u9kTGgjUvGTov/z1s2H7oHi3zKCdR9eSDyCPia5CBi4aRhtp7d8uR7l0GS5UTDw3TjKGu5CqINg==" + "version": "0.0.1203626", + "resolved": "https://registry.npmjs.org/devtools-protocol/-/devtools-protocol-0.0.1203626.tgz", + "integrity": "sha512-nEzHZteIUZfGCZtTiS1fRpC8UZmsfD1SiyPvaUNvS13dvKf666OAm8YTi0+Ca3n1nLEyu49Cy4+dPWpaHFJk9g==" }, "node_modules/emoji-regex": { "version": "8.0.0", @@ -477,12 +480,12 @@ } }, "node_modules/get-uri": { - "version": "6.0.1", - "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.1.tgz", - "integrity": "sha512-7ZqONUVqaabogsYNWlYj0t3YZaL6dhuEueZXGF+/YVmf6dHmaFg8/6psJKqhx9QykIDKzpGcy2cn4oV4YC7V/Q==", + "version": "6.0.2", + "resolved": "https://registry.npmjs.org/get-uri/-/get-uri-6.0.2.tgz", + "integrity": "sha512-5KLucCJobh8vBY1K07EFV4+cPZH3mrV9YeAruUseCQKHB58SGjjT2l9/eA9LD082IiuMjSlFJEcdJ27TXvbZNw==", "dependencies": { "basic-ftp": "^5.0.2", - "data-uri-to-buffer": "^5.0.1", + "data-uri-to-buffer": "^6.0.0", "debug": "^4.3.4", "fs-extra": "^8.1.0" }, @@ -784,33 +787,33 @@ } }, "node_modules/puppeteer": { - "version": "21.3.6", - "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-21.3.6.tgz", - "integrity": "sha512-ulK9+KLvdaVsG0EKbKyw/DCXCz88rsnrvIJg9tY8AmkGR01AxI4ZJTH9BJl1OE7cLfh2vxjBvY+xfvJod6rfgw==", + "version": "21.5.2", + "resolved": "https://registry.npmjs.org/puppeteer/-/puppeteer-21.5.2.tgz", + "integrity": "sha512-BaAGJOq8Fl6/cck6obmwaNLksuY0Bg/lIahCLhJPGXBFUD2mCffypa4A592MaWnDcye7eaHmSK9yot0pxctY8A==", "hasInstallScript": true, "dependencies": { - "@puppeteer/browsers": "1.7.1", + "@puppeteer/browsers": "1.8.0", "cosmiconfig": "8.3.6", - "puppeteer-core": "21.3.6" + "puppeteer-core": "21.5.2" }, "engines": { - "node": ">=16.3.0" + "node": ">=16.13.2" } }, "node_modules/puppeteer-core": { - "version": "21.3.6", - "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-21.3.6.tgz", - "integrity": "sha512-ZH6tjTdRXwW2fx5W3jBbG+yUVQdDfZW1kjfwvWwMzsnKEli5ZwV70Zp97GOebHQHrK8zM3vX5VqI9sd48c9PnQ==", + "version": "21.5.2", + "resolved": "https://registry.npmjs.org/puppeteer-core/-/puppeteer-core-21.5.2.tgz", + "integrity": "sha512-v4T0cWnujSKs+iEfmb8ccd7u4/x8oblEyKqplqKnJ582Kw8PewYAWvkH4qUWhitN3O2q9RF7dzkvjyK5HbzjLA==", "dependencies": { - "@puppeteer/browsers": "1.7.1", - "chromium-bidi": "0.4.28", + "@puppeteer/browsers": "1.8.0", + "chromium-bidi": "0.4.33", "cross-fetch": "4.0.0", "debug": "4.3.4", - "devtools-protocol": "0.0.1179426", + "devtools-protocol": "0.0.1203626", "ws": "8.14.2" }, "engines": { - "node": ">=16.3.0" + "node": ">=16.13.2" } }, "node_modules/queue-tick": { @@ -884,9 +887,9 @@ } }, "node_modules/streamx": { - "version": "2.15.1", - "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.1.tgz", - "integrity": "sha512-fQMzy2O/Q47rgwErk/eGeLu/roaFWV0jVsogDmrszM9uIw8L5OA+t+V93MgYlufNptfjmYR1tOMWhei/Eh7TQA==", + "version": "2.15.5", + "resolved": "https://registry.npmjs.org/streamx/-/streamx-2.15.5.tgz", + "integrity": "sha512-9thPGMkKC2GctCzyCUjME3yR03x2xNo0GPKGkRw2UMYN+gqWa9uqpyNWhmsNCutU5zHmkUum0LsCRQTXUgUCAg==", "dependencies": { "fast-fifo": "^1.1.0", "queue-tick": "^1.0.1" @@ -971,6 +974,12 @@ "through": "^2.3.8" } }, + "node_modules/undici-types": { + "version": "5.26.5", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", + "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==", + "optional": true + }, "node_modules/universalify": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/universalify/-/universalify-0.1.2.tgz", @@ -1078,9 +1087,9 @@ } }, "node_modules/yargs": { - "version": "17.7.1", - "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.1.tgz", - "integrity": "sha512-cwiTb08Xuv5fqF4AovYacTFNxk62th7LKJ6BL9IGUpTJrWoU7/7WdQGTP2SjKf1dUNBGzDd28p/Yfs/GI6JrLw==", + "version": "17.7.2", + "resolved": "https://registry.npmjs.org/yargs/-/yargs-17.7.2.tgz", + "integrity": "sha512-7dSzzRQ++CKnNI/krKnYRV7JKKPUXMEh61soaHKg9mrWEhzFWhFnxPxGl+69cD1Ou63C13NUPCnmIcrvqCuM6w==", "dependencies": { "cliui": "^8.0.1", "escalade": "^3.1.1", diff --git a/docs/quickstart-guide.md b/docs/quickstart-guide.md index 5fe1d95cf..41ac6424d 100644 --- a/docs/quickstart-guide.md +++ b/docs/quickstart-guide.md @@ -227,7 +227,7 @@ You will find more settings about reverse proxy in the [settings section](settin ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 SERVER_NAME=www.example.com USE_REVERSE_PROXY=yes @@ -268,7 +268,7 @@ You will find more settings about reverse proxy in the [settings section](settin ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 SERVER_NAME=www.example.com USE_REVERSE_PROXY=yes @@ -324,7 +324,7 @@ You will find more settings about reverse proxy in the [settings section](settin SERVER_NAME=www.example.com HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 USE_REVERSE_PROXY=yes REVERSE_PROXY_URL=/ @@ -660,7 +660,7 @@ You will find more settings about reverse proxy in the [settings section](settin ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com @@ -704,7 +704,7 @@ You will find more settings about reverse proxy in the [settings section](settin ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com @@ -760,7 +760,7 @@ You will find more settings about reverse proxy in the [settings section](settin ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com @@ -2204,7 +2204,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com @@ -2246,7 +2246,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com @@ -2296,7 +2296,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 MULTISITE=yes SERVER_NAME=app1.example.com app2.example.com app3.example.com diff --git a/docs/settings.md b/docs/settings.md index 4ee85745d..e08aedd91 100644 --- a/docs/settings.md +++ b/docs/settings.md @@ -515,9 +515,10 @@ STREAM support :x: Integrate easily the BunkerWeb UI. -|Setting |Default| Context |Multiple|Description| -|--------|-------|---------|--------|-----------| -|`USE_UI`|`no` |multisite|no |Use UI | +| Setting |Default| Context |Multiple| Description | +|---------|-------|---------|--------|--------------------------------------------| +|`USE_UI` |`no` |multisite|no |Use UI | +|`UI_HOST`| |global |no |Address of the web UI used for initial setup| ### Whitelist diff --git a/docs/web-ui.md b/docs/web-ui.md index 22d80120c..d6c8abfb7 100644 --- a/docs/web-ui.md +++ b/docs/web-ui.md @@ -413,6 +413,7 @@ Because the web UI is a web application, the recommended installation procedure environment: - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database - DOCKER_HOST=tcp://bw-docker:2375 + - SWARM_MODE=yes - ADMIN_USERNAME=changeme - ADMIN_PASSWORD=changeme # Remember to set a stronger password for the changeme user networks: @@ -779,7 +780,6 @@ Because the web UI is a web application, the recommended installation procedure name: ingress annotations: bunkerweb.io/www.example.com_USE_UI: "yes" - bunkerweb.io/www.example.com_REVERSE_PROXY_INTERCEPT_ERRORS: "no" bunkerweb.io/www.example.com_INTERCEPTED_ERROR_CODES: '400 404 405 413 429 500 501 502 503 504' spec: rules: @@ -825,7 +825,7 @@ Because the web UI is a web application, the recommended installation procedure ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 SERVER_NAME=www.example.com MULTISITE=yes @@ -858,7 +858,7 @@ Because the web UI is a web application, the recommended installation procedure ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 SERVER_NAME=www.example.com MULTISITE=yes @@ -932,7 +932,7 @@ Because the web UI is a web application, the recommended installation procedure ```conf HTTP_PORT=80 HTTPS_PORT=443 - DNS_RESOLVERS=8.8.8.8 8.8.4.4 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 API_LISTEN_IP=127.0.0.1 SERVER_NAME=www.example.com MULTISITE=yes @@ -948,3 +948,677 @@ Because the web UI is a web application, the recommended installation procedure ```shell systemctl restart bunkerweb ``` + +## Setup Wizard + +!!! info "Information" + + The setup wizard will only be available if the `UI_HOST` setting is set. + +The setup wizard is a web UI feature that helps you to configure your **web UI reverse proxy** settings but also the **admin credentials**. It is available at the `/setup` URI of your web UI. + +=== "Docker" + + Follow the Installation section of the documentation to setup the web UI. If you want to use the setup wizard, you will need to set the `UI_HOST` setting to the hostname of your web UI container. For example, if your web UI container is named `bw-ui` and is listening on the `7000` port, you will need to set the `UI_HOST` setting to `http://bw-ui:7000`. + + Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) : + + ```yaml + version: "3.5" + + services: + bunkerweb: + image: bunkerity/bunkerweb:1.5.3 + ports: + - 80:8080 + - 443:8443 + labels: + - "bunkerweb.INSTANCE=yes" + environment: + - SERVER_NAME= + - MULTISITE=yes + - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 + - SERVE_FILES=no + - DISABLE_DEFAULT_SERVER=yes + - USE_CLIENT_CACHE=yes + - USE_GZIP=yes + - UI_HOST=http://bw-ui:7000 # Remember to set the UI_HOST setting + networks: + - bw-universe + - bw-services + + bw-scheduler: + image: bunkerity/bunkerweb-scheduler:1.5.3 + depends_on: + - bunkerweb + - bw-docker + environment: + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database + - DOCKER_HOST=tcp://bw-docker:2375 + networks: + - bw-universe + - bw-docker + + bw-docker: + image: tecnativa/docker-socket-proxy:nightly + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + - CONTAINERS=1 + - LOG_LEVEL=warning + networks: + - bw-docker + + bw-ui: + image: bunkerity/bunkerweb-ui:1.5.3 + depends_on: + - bw-docker + environment: + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database + - DOCKER_HOST=tcp://bw-docker:2375 + networks: + - bw-universe + - bw-docker + + bw-db: + image: mariadb:10.10 + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + - MYSQL_DATABASE=db + - MYSQL_USER=bunkerweb + - MYSQL_PASSWORD=changeme # Remember to set a stronger password for the database + volumes: + - bw-data:/var/lib/mysql + networks: + - bw-docker + + volumes: + bw-data: + + networks: + bw-universe: + name: bw-universe + ipam: + driver: default + config: + - subnet: 10.20.30.0/24 + bw-services: + name: bw-services + bw-docker: + name: bw-docker + ``` + +=== "Docker autoconf" + + Follow the Installation section of the documentation to setup the web UI. If you want to use the setup wizard, you will need to set the `UI_HOST` setting to the hostname of your web UI container. For example, if your web UI container is named `bw-ui` and is listening on the `7000` port, you will need to set the `UI_HOST` setting to `http://bw-ui:7000`. + + Here is the docker-compose boilerplate that you can use (don't forget to edit the `changeme` data) : + + ```yaml + version: "3.5" + + services: + bunkerweb: + image: bunkerity/bunkerweb:1.5.3 + ports: + - 80:8080 + - 443:8443 + labels: + - "bunkerweb.INSTANCE=yes" + environment: + - SERVER_NAME= + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + - AUTOCONF_MODE=yes + - MULTISITE=yes + - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 + - UI_HOST=http://bw-ui:7000 # Remember to set the UI_HOST setting + networks: + - bw-universe + - bw-services + + bw-autoconf: + image: bunkerity/bunkerweb-autoconf:1.5.3 + depends_on: + - bunkerweb + - bw-docker + environment: + - AUTOCONF_MODE=yes + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + - DOCKER_HOST=tcp://bw-docker:2375 + networks: + - bw-universe + - bw-docker + + bw-scheduler: + image: bunkerity/bunkerweb-scheduler:1.5.3 + depends_on: + - bunkerweb + - bw-docker + environment: + - AUTOCONF_MODE=yes + - DOCKER_HOST=tcp://bw-docker:2375 + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + networks: + - bw-universe + - bw-docker + + bw-docker: + image: tecnativa/docker-socket-proxy:nightly + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + - CONTAINERS=1 + - LOG_LEVEL=warning + networks: + - bw-docker + + bw-db: + image: mariadb:10.10 + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + - MYSQL_DATABASE=db + - MYSQL_USER=bunkerweb + - MYSQL_PASSWORD=changeme + volumes: + - bw-data:/var/lib/mysql + networks: + - bw-docker + + bw-ui: + image: bunkerity/bunkerweb-ui:1.5.3 + networks: + bw-docker: + bw-universe: + aliases: + - bw-ui + environment: + - AUTOCONF_MODE=yes + - DOCKER_HOST=tcp://bw-docker:2375 + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + + volumes: + bw-data: + + networks: + bw-universe: + name: bw-universe + ipam: + driver: default + config: + - subnet: 10.20.30.0/24 + bw-services: + name: bw-services + bw-docker: + name: bw-docker + ``` + +=== "Swarm" + + Follow the Installation section of the documentation to setup the web UI. If you want to use the setup wizard, you will need to set the `UI_HOST` setting to the hostname of your web UI container. For example, if your web UI container is named `bw-ui` and is listening on the `7000` port, you will need to set the `UI_HOST` setting to `http://bw-ui:7000`. + + Here is the stack boilerplate that you can use (don't forget to edit the `changeme` data) : + + ```yaml + version: "3.5" + + services: + bunkerweb: + image: bunkerity/bunkerweb:1.5.3 + ports: + - published: 80 + target: 8080 + mode: host + protocol: tcp + - published: 443 + target: 8443 + mode: host + protocol: tcp + environment: + - SERVER_NAME= + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + - SWARM_MODE=yes + - MULTISITE=yes + - USE_REDIS=yes + - REDIS_HOST=bw-redis + - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24 + - UI_HOST=http://bw-ui:7000 # Remember to set the UI_HOST setting + networks: + - bw-universe + - bw-services + deploy: + mode: global + placement: + constraints: + - "node.role == worker" + labels: + - "bunkerweb.INSTANCE=yes" + + bw-autoconf: + image: bunkerity/bunkerweb-autoconf:1.5.3 + environment: + - SWARM_MODE=yes + - DOCKER_HOST=tcp://bw-docker:2375 + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + networks: + - bw-universe + - bw-docker + + bw-docker: + image: tecnativa/docker-socket-proxy:nightly + volumes: + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + - CONFIGS=1 + - CONTAINERS=1 + - SERVICES=1 + - SWARM=1 + - TASKS=1 + - LOG_LEVEL=warning + networks: + - bw-docker + deploy: + placement: + constraints: + - "node.role == manager" + + bw-scheduler: + image: bunkerity/bunkerweb-scheduler:1.5.3 + environment: + - SWARM_MODE=yes + - DOCKER_HOST=tcp://bw-docker:2375 + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db + networks: + - bw-universe + - bw-docker + + bw-db: + image: mariadb:10.10 + environment: + - MYSQL_RANDOM_ROOT_PASSWORD=yes + - MYSQL_DATABASE=db + - MYSQL_USER=bunkerweb + - MYSQL_PASSWORD=changeme + volumes: + - bw-data:/var/lib/mysql + networks: + - bw-docker + + bw-redis: + image: redis:7-alpine + networks: + - bw-universe + + bw-ui: + image: bunkerity/bunkerweb-ui:1.5.3 + environment: + - SWARM_MODE=yes + - DOCKER_HOST=tcp://bw-docker:2375 + - DATABASE_URI=mariadb+pymysql://bunkerweb:changeme@bw-db:3306/db # Remember to set a stronger password for the database + networks: + - bw-universe + - bw-docker + + volumes: + bw-data: + + networks: + bw-universe: + name: bw-universe + driver: overlay + attachable: true + ipam: + config: + - subnet: 10.20.30.0/24 + bw-services: + name: bw-services + driver: overlay + attachable: true + bw-docker: + name: bw-docker + driver: overlay + attachable: true + ``` + +=== "Kubernetes" + + Follow the Installation section of the documentation to setup the web UI. If you want to use the setup wizard, you will need to set the `UI_HOST` setting to the hostname of your web UI container. For example, if your web UI container is named `bunkerweb-ui` and is listening on the `7000` port, you will need to set the `UI_HOST` setting to `http://svc-bunkerweb-ui:7000`. + + Here is the yaml boilerplate that you can use (don't forget to edit the `changeme` data) : + + ```yaml + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRole + metadata: + name: cr-bunkerweb + rules: + - apiGroups: [""] + resources: ["services", "pods", "configmaps"] + verbs: ["get", "watch", "list"] + - apiGroups: ["networking.k8s.io"] + resources: ["ingresses"] + verbs: ["get", "watch", "list"] + --- + apiVersion: v1 + kind: ServiceAccount + metadata: + name: sa-bunkerweb + --- + apiVersion: rbac.authorization.k8s.io/v1 + kind: ClusterRoleBinding + metadata: + name: crb-bunkerweb + subjects: + - kind: ServiceAccount + name: sa-bunkerweb + namespace: default + apiGroup: "" + roleRef: + kind: ClusterRole + name: cr-bunkerweb + apiGroup: rbac.authorization.k8s.io + --- + apiVersion: apps/v1 + kind: DaemonSet + metadata: + name: bunkerweb + spec: + selector: + matchLabels: + app: bunkerweb + template: + metadata: + labels: + app: bunkerweb + # mandatory annotation + annotations: + bunkerweb.io/INSTANCE: "yes" + spec: + containers: + # using bunkerweb as name is mandatory + - name: bunkerweb + image: bunkerity/bunkerweb:1.5.3 + imagePullPolicy: Always + securityContext: + runAsUser: 101 + runAsGroup: 101 + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + ports: + - containerPort: 8080 + hostPort: 80 + - containerPort: 8443 + hostPort: 443 + env: + - name: KUBERNETES_MODE + value: "yes" + # replace with your DNS resolvers + # e.g. : kube-dns.kube-system.svc.cluster.local + - name: DNS_RESOLVERS + value: "coredns.kube-system.svc.cluster.local" + - name: USE_API + value: "yes" + # 10.0.0.0/8 is the cluster internal subnet + - name: API_WHITELIST_IP + value: "127.0.0.0/8 10.0.0.0/8" + - name: SERVER_NAME + value: "" + - name: MULTISITE + value: "yes" + - name: USE_REDIS + value: "yes" + - name: REDIS_HOST + value: "svc-bunkerweb-redis.default.svc.cluster.local" + # Remember to set the UI_HOST setting + - name: UI_HOST + value: "http://svc-bunkerweb-ui:7000" + livenessProbe: + exec: + command: + - /usr/share/bunkerweb/helpers/healthcheck.sh + initialDelaySeconds: 30 + periodSeconds: 5 + timeoutSeconds: 1 + failureThreshold: 3 + readinessProbe: + exec: + command: + - /usr/share/bunkerweb/helpers/healthcheck.sh + initialDelaySeconds: 30 + periodSeconds: 1 + timeoutSeconds: 1 + failureThreshold: 3 + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: bunkerweb-controller + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: bunkerweb-controller + template: + metadata: + labels: + app: bunkerweb-controller + spec: + serviceAccountName: sa-bunkerweb + containers: + - name: bunkerweb-controller + image: bunkerity/bunkerweb-autoconf:1.5.3 + imagePullPolicy: Always + env: + - name: KUBERNETES_MODE + value: "yes" + - name: "DATABASE_URI" + value: "mariadb+pymysql://bunkerweb:changeme@svc-bunkerweb-db:3306/db" + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: bunkerweb-scheduler + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: bunkerweb-scheduler + template: + metadata: + labels: + app: bunkerweb-scheduler + spec: + serviceAccountName: sa-bunkerweb + containers: + - name: bunkerweb-scheduler + image: bunkerity/bunkerweb-scheduler:1.5.3 + imagePullPolicy: Always + env: + - name: KUBERNETES_MODE + value: "yes" + - name: "DATABASE_URI" + value: "mariadb+pymysql://bunkerweb:changeme@svc-bunkerweb-db:3306/db" + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: bunkerweb-redis + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: bunkerweb-redis + template: + metadata: + labels: + app: bunkerweb-redis + spec: + containers: + - name: bunkerweb-redis + image: redis:7-alpine + imagePullPolicy: Always + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: bunkerweb-db + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: bunkerweb-db + template: + metadata: + labels: + app: bunkerweb-db + spec: + containers: + - name: bunkerweb-db + image: mariadb:10.10 + imagePullPolicy: Always + env: + - name: MYSQL_RANDOM_ROOT_PASSWORD + value: "yes" + - name: "MYSQL_DATABASE" + value: "db" + - name: "MYSQL_USER" + value: "bunkerweb" + - name: "MYSQL_PASSWORD" + value: "changeme" + volumeMounts: + - mountPath: "/var/lib/mysql" + name: vol-db + volumes: + - name: vol-db + persistentVolumeClaim: + claimName: pvc-bunkerweb + --- + apiVersion: apps/v1 + kind: Deployment + metadata: + name: bunkerweb-ui + spec: + replicas: 1 + strategy: + type: Recreate + selector: + matchLabels: + app: bunkerweb-ui + template: + metadata: + labels: + app: bunkerweb-ui + spec: + containers: + - name: bunkerweb-ui + image: bunkerity/bunkerweb-ui:1.5.3 + imagePullPolicy: Always + env: + - name: KUBERNETES_MODE + value: "YES" + - name: "DATABASE_URI" + value: "mariadb+pymysql://bunkerweb:testor@svc-bunkerweb-db:3306/db" + --- + apiVersion: v1 + kind: Service + metadata: + name: svc-bunkerweb + spec: + clusterIP: None + selector: + app: bunkerweb + --- + apiVersion: v1 + kind: Service + metadata: + name: svc-bunkerweb-db + spec: + type: ClusterIP + selector: + app: bunkerweb-db + ports: + - name: sql + protocol: TCP + port: 3306 + targetPort: 3306 + --- + apiVersion: v1 + kind: Service + metadata: + name: svc-bunkerweb-redis + spec: + type: ClusterIP + selector: + app: bunkerweb-redis + ports: + - name: redis + protocol: TCP + port: 6379 + targetPort: 6379 + --- + apiVersion: v1 + kind: Service + metadata: + name: svc-bunkerweb-ui + spec: + type: ClusterIP + selector: + app: bunkerweb-ui + ports: + - name: http + protocol: TCP + port: 7000 + targetPort: 7000 + --- + apiVersion: v1 + kind: PersistentVolumeClaim + metadata: + name: pvc-bunkerweb + spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: 5Gi + volumeName: pv-bunkerweb + ``` + +=== "Linux - Ansible - Vagrant" + + Follow the Installation section of the documentation to setup the web UI. If you want to use the setup wizard, you will need to set the `UI_HOST` setting to the hostname of your web UI. In this case, you will need to set the `UI_HOST` setting to `http://127.0.0.1:7000`. + + Here is the `/etc/bunkerweb/variables.env` boilerplate you can use : + + ```conf + HTTP_PORT=80 + HTTPS_PORT=443 + DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4 + API_LISTEN_IP=127.0.0.1 + SERVER_NAME= + MULTISITE=yes + UI_HOST=http://127.0.0.1:7000 # Remember to set the UI_HOST setting + ``` + + As for the wizard to be available, the web UI needs to not have an `ADMIN_USERNAME` or an `ADMIN_PASSWORD` set. If you have already set those variables, you will need to unset them : + + ```shell + truncate -s 0 /etc/bunkerweb/ui.env + ``` + + Remember to restart the `bunkerweb` and `bunkerweb-ui` services : + + ```shell + systemctl restart bunkerweb + systemctl restart bunkerweb-ui + ``` + + You can now access the setup wizard at the URL `http://127.0.0.1/setup`.