Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'dev' into staging

Browse source
This commit is contained in:
florian 2023-10-30 16:37:17 +01:00
commit f9f616a66f
No known key found for this signature in database
GPG key ID: 93EE47CC3D061500
170 changed files with 1166 additions and 379 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
.github/workflows/codeql.yml vendored
View file

@ -21,11 +21,11 @@ jobs:
- name: Checkout repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Initialize CodeQL
uses: github/codeql-action/init@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
with:
languages: ${{ matrix.language }}
config-file: ./.github/codeql.yml
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
with:
category: "/language:${{matrix.language}}"

2
.github/workflows/push-packagecloud.yml vendored
View file

@ -42,7 +42,7 @@ jobs:
- name: Check out repository code
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Install ruby
uses: ruby/setup-ruby@cd48c8e22733480b66887b42bfeb6c0b88ea1a56 # v1.158.0
uses: ruby/setup-ruby@54a18e26dbbb1eabc604f317ade9a5788dddef81 # v1.159.0
with:
ruby-version: "3.0"
- name: Install packagecloud

2
.github/workflows/scorecards-analysis.yml vendored
View file

@ -25,6 +25,6 @@ jobs:
results_format: sarif
publish_results: true
- name: "Upload SARIF results to code scanning"
uses: github/codeql-action/upload-sarif@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2.22.4
uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
with:
sarif_file: results.sarif

1
.github/workflows/test-core-linux.yml vendored
View file

@ -81,6 +81,7 @@ jobs:
echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
echo 'DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4' | sudo tee -a /etc/bunkerweb/variables.env
echo 'API_LISTEN_IP=127.0.0.1' | sudo tee -a /etc/bunkerweb/variables.env
echo "USE_BUNKERNET=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "USE_BLACKLIST=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "LOG_LEVEL=info" | sudo tee -a /etc/bunkerweb/variables.env

1
.github/workflows/tests-ui-linux.yml vendored
View file

@ -75,6 +75,7 @@ jobs:
echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
echo 'DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4' | sudo tee -a /etc/bunkerweb/variables.env
echo 'API_LISTEN_IP=127.0.0.1' | sudo tee -a /etc/bunkerweb/variables.env
echo "MULTISITE=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "LOG_LEVEL=info" | sudo tee -a /etc/bunkerweb/variables.env
echo "USE_BUNKERNET=no" | sudo tee -a /etc/bunkerweb/variables.env

9
docs/quickstart-guide.md
View file

@ -228,6 +228,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
SERVER_NAME=www.example.com
USE_REVERSE_PROXY=yes
REVERSE_PROXY_URL=/
@ -268,6 +269,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
SERVER_NAME=www.example.com
USE_REVERSE_PROXY=yes
REVERSE_PROXY_URL=/
@ -323,6 +325,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
USE_REVERSE_PROXY=yes
REVERSE_PROXY_URL=/
REVERSE_PROXY_HOST=http://127.0.0.1:8000
@ -658,6 +661,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
USE_REVERSE_PROXY=yes
@ -701,6 +705,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
USE_REVERSE_PROXY=yes
@ -756,6 +761,7 @@ You will find more settings about reverse proxy in the [settings section](settin
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
USE_REVERSE_PROXY=yes
@ -2199,6 +2205,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock
@ -2240,6 +2247,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock
@ -2289,6 +2297,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock

2
docs/requirements.in
View file

@ -1,5 +1,5 @@
mike==1.1.2
mkdocs==1.5.3
mkdocs-material==9.4.6
mkdocs-material==9.4.7
mkdocs-print-site-plugin==2.3.6
pytablewriter==1.2.0

6
docs/requirements.txt
View file

@ -236,9 +236,9 @@ mkdocs==1.5.3 \
# -r requirements.in
# mike
# mkdocs-material
mkdocs-material==9.4.6 \
--hash=sha256:09665e60df7ee9e5ff3a54af173f6d45be718b1ee7dd962bcff3102b81fb0c14 \
--hash=sha256:78802035d5768a78139c84ad7dce0c6493e8f7dc4861727d36ed91d1520a54da
mkdocs-material==9.4.7 \
--hash=sha256:4d698d52bb6a6a3c452ab854481c4cdb68453a0420956a6aee2de55fe15fe610 \
--hash=sha256:e704e001c9ef17291e1d3462c202425217601653e18f68f85d28eff4690e662b
# via
# -r requirements.in
# mkdocs-print-site-plugin

4
docs/web-ui.md
View file

@ -823,10 +823,10 @@ Because the web UI is a web application, the recommended installation procedure
Here is the `/etc/bunkerweb/variables.env` boilerplate you can use :
```conf
API_LISTEN_IP=127.0.0.1
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
SERVER_NAME=www.example.com
MULTISITE=yes
www.example.com_USE_UI=yes
@ -859,6 +859,7 @@ Because the web UI is a web application, the recommended installation procedure
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
SERVER_NAME=www.example.com
MULTISITE=yes
www.example.com_USE_UI=yes
@ -932,6 +933,7 @@ Because the web UI is a web application, the recommended installation procedure
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
SERVER_NAME=www.example.com
MULTISITE=yes
www.example.com_USE_UI=yes

1
examples/authelia/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
# Replace with your domains
SERVER_NAME=auth.example.com app1.example.com app2.example.com

1
examples/behind-reverse-proxy/variables.env
View file

@ -1,4 +1,5 @@
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# replace with your domains
SERVER_NAME=www.example.com
# real IP settings

1
examples/cors/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
MULTISITE=yes
# Replace with your domains
SERVER_NAME=app1.example.com app2.example.com app3.example.com

1
examples/drupal/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/joomla/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/moodle/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/nextcloud/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/php-cookie-flags/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/php-multisite/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=app1.example.com app2.example.com
MULTISITE=yes

1
examples/php-singlesite/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

1
examples/proxy-protocol/variables.env
View file

@ -1,4 +1,5 @@
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# replace with your domains
SERVER_NAME=www.example.com
# real IP settings

1
examples/wordpress/variables.env
View file

@ -1,6 +1,7 @@
HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
API_LISTEN_IP=127.0.0.1
# Replace with your domain
SERVER_NAME=www.example.com
DISABLE_DEFAULT_SERVER=yes

4
src/common/confs/api.conf
View file

@ -2,9 +2,9 @@ server {
server_name {{ API_SERVER_NAME }};
# HTTP listen
listen {{ API_LISTEN_IP }}:{{ API_HTTP_PORT }};
listen {{ API_LISTEN_IP }}:{{ API_HTTP_PORT }} reuseport;
{% if API_LISTEN_IP != "127.0.0.1" +%}
listen 127.0.0.1:{{ API_HTTP_PORT }};
listen 127.0.0.1:{{ API_HTTP_PORT }} reuseport;
{% endif %}
# maximum body size for API

2
src/common/core/letsencrypt/jobs/certbot-deploy.py
View file

@ -97,7 +97,7 @@ try:
else:
if (
run(
["sudo", join(sep, "usr", "sbin", "nginx"), "-s", "reload"],
[join(sep, "usr", "sbin", "nginx"), "-s", "reload"],
stdin=DEVNULL,
stderr=STDOUT,
check=False,

2
src/common/db/requirements.txt
View file

@ -170,6 +170,7 @@ psycopg2-binary==2.9.9 \
--hash=sha256:4686818798f9194d03c9129a4d9a702d9e113a89cb03bffe08c6cf799e053291 \
--hash=sha256:57fede879f08d23c85140a360c6a77709113efd1c993923c59fde17aa27599fe \
--hash=sha256:60989127da422b74a04345096c10d416c2b41bd7bf2a380eb541059e4e999980 \
--hash=sha256:64cf30263844fa208851ebb13b0732ce674d8ec6a0c86a4e160495d299ba3c93 \
--hash=sha256:68fc1f1ba168724771e38bee37d940d2865cb0f562380a1fb1ffb428b75cb692 \
--hash=sha256:6e6f98446430fdf41bd36d4faa6cb409f5140c1c2cf58ce0bbdaf16af7d3f119 \
--hash=sha256:729177eaf0aefca0994ce4cffe96ad3c75e377c7b6f4efa59ebf003b6d398716 \
@ -179,6 +180,7 @@ psycopg2-binary==2.9.9 \
--hash=sha256:78151aa3ec21dccd5cdef6c74c3e73386dcdfaf19bced944169697d7ac7482fc \
--hash=sha256:7f01846810177d829c7692f1f5ada8096762d9172af1b1a28d4ab5b77c923c1c \
--hash=sha256:804d99b24ad523a1fe18cc707bf741670332f7c7412e9d49cb5eab67e886b9b5 \
--hash=sha256:81ff62668af011f9a48787564ab7eded4e9fb17a4a6a74af5ffa6a457400d2ab \
--hash=sha256:8359bf4791968c5a78c56103702000105501adb557f3cf772b2c207284273984 \
--hash=sha256:83791a65b51ad6ee6cf0845634859d69a038ea9b03d7b26e703f94c7e93dbcf9 \
--hash=sha256:8532fd6e6e2dc57bcb3bc90b079c60de896d2128c5d9d6f24a63875a95a088cf \

2
src/common/gen/main.py
View file

@ -194,7 +194,7 @@ if __name__ == "__main__":
sleep(5)
proc = run(
["sudo", join(sep, "usr", "sbin", "nginx"), "-s", "reload"],
[join(sep, "usr", "sbin", "nginx"), "-s", "reload"],
stdin=DEVNULL,
stderr=STDOUT,
)

2
src/common/gen/requirements.in
View file

@ -3,4 +3,4 @@ jinja2==3.1.2
kubernetes==28.1.0
python-dotenv==1.0.0
redis==5.0.1
urllib3==1.26.18
urllib3<2.0.0

2
src/deps/requirements-deps.in
View file

@ -4,4 +4,4 @@ pip-tools==7.3.0
pip-upgrader==1.4.15
setuptools==68.2.2
tomli==2.0.1
wheel==0.41.2
wheel==0.41.3

6
src/deps/requirements-deps.txt
View file

@ -185,9 +185,9 @@ urllib3==2.0.7 \
--hash=sha256:c97dfde1f7bd43a71c8d2a58e369e9b2bf692d1334ea9f9cae55add7d0dd0f84 \
--hash=sha256:fdb6d215c776278489906c2f8916e6e7d4f5a9b602ccbcfdf7f016fc8da0596e
# via requests
wheel==0.41.2 \
--hash=sha256:0c5ac5ff2afb79ac23ab82bab027a0be7b5dbcf2e54dc50efe4bf507de1f7985 \
--hash=sha256:75909db2664838d015e3d9139004ee16711748a52c8f336b52882266540215d8
wheel==0.41.3 \
--hash=sha256:488609bc63a29322326e05560731bf7bfea8e48ad646e1f5e40d366607de0942 \
--hash=sha256:4d4987ce51a49370ea65c0bfd2234e8ce80a12780820d9dc462597a6e60d0841
# via
# -r requirements-deps.in
# pip-tools

2
src/deps/requirements.in
View file

@ -1,4 +1,4 @@
pip==23.3.1
pip-tools==7.3.0
setuptools==68.2.2
wheel==0.41.2
wheel==0.41.3

6
src/deps/requirements.txt
View file

@ -47,9 +47,9 @@ tomli==2.0.1 \
# build
# pip-tools
# pyproject-hooks
wheel==0.41.2 \
--hash=sha256:0c5ac5ff2afb79ac23ab82bab027a0be7b5dbcf2e54dc50efe4bf507de1f7985 \
--hash=sha256:75909db2664838d015e3d9139004ee16711748a52c8f336b52882266540215d8
wheel==0.41.3 \
--hash=sha256:488609bc63a29322326e05560731bf7bfea8e48ad646e1f5e40d366607de0942 \
--hash=sha256:4d4987ce51a49370ea65c0bfd2234e8ce80a12780820d9dc462597a6e60d0841
# via
# -r requirements.in
# pip-tools

4
src/linux/scripts/postinstall.sh
View file

@ -21,8 +21,8 @@ do_and_check_cmd chown -R nginx:nginx /usr/share/bunkerweb /var/cache/bunkerweb
# Stop and disable nginx on boot
echo "Stop and disable nginx on boot..."
do_and_check_cmd systemctl stop bunkerweb
do_and_check_cmd systemctl disable bunkerweb
do_and_check_cmd systemctl stop nginx
do_and_check_cmd systemctl disable nginx
# Auto start BW service on boot and start it now
echo "Enabling and starting bunkerweb service..."

8
src/linux/scripts/start.sh
View file

@ -96,7 +96,7 @@ function start() {
# Create dummy variables.env
if [ ! -f /etc/bunkerweb/variables.env ]; then
sudo -E -u nginx -g nginx /bin/bash -c "echo -ne '# remove IS_LOADING=yes when your config is ready\nIS_LOADING=yes\nUSE_BUNKERNET=no\nDNS_RESOLVERS=8.8.8.8 8.8.4.4\nHTTP_PORT=80\nHTTPS_PORT=443\nAPI_LISTEN_IP=127.0.0.1\nSERVER_NAME=\n' > /etc/bunkerweb/variables.env"
sudo -E -u nginx -g nginx /bin/bash -c "echo -ne '# remove IS_LOADING=yes when your config is ready\nIS_LOADING=yes\nDNS_RESOLVERS=8.8.8.8 8.8.4.4\nHTTP_PORT=80\nHTTPS_PORT=443\nAPI_LISTEN_IP=127.0.0.1\nSERVER_NAME=\n' > /etc/bunkerweb/variables.env"
log "SYSTEMCTL" "" "Created dummy variables.env file"
fi
@ -111,6 +111,10 @@ function start() {
if [ "$DNS_RESOLVERS" = "" ] ; then
DNS_RESOLVERS="8.8.8.8 8.8.4.4"
fi
API_LISTEN_IP="$(grep "^API_LISTEN_IP=" /etc/bunkerweb/variables.env | cut -d '=' -f 2)"
if [ "$API_LISTEN_IP" = "" ] ; then
API_LISTEN_IP="127.0.0.1"
fi
API_HTTP_PORT="$(grep "^API_HTTP_PORT=" /etc/bunkerweb/variables.env | cut -d '=' -f 2)"
if [ "$API_HTTP_PORT" = "" ] ; then
API_HTTP_PORT="5000"
@ -147,7 +151,7 @@ function start() {
if [ "$HTTPS_PORT" = "" ] ; then
HTTPS_PORT="443"
fi
sudo -E -u nginx -g nginx /bin/bash -c "echo -ne 'IS_LOADING=yes\nUSE_BUNKERNET=no\nSERVER_NAME=\nDNS_RESOLVERS=${DNS_RESOLVERS}\nAPI_HTTP_PORT=${API_HTTP_PORT}\nAPI_SERVER_NAME=${API_SERVER_NAME}\nAPI_WHITELIST_IP=${API_WHITELIST_IP}\nUSE_REAL_IP=${USE_REAL_IP}\nUSE_PROXY_PROTOCOL=${USE_PROXY_PROTOCOL}\nREAL_IP_FROM=${REAL_IP_FROM}\nREAL_IP_HEADER=${REAL_IP_HEADER}\nHTTP_PORT=${HTTP_PORT}\nHTTPS_PORT=${HTTPS_PORT}\n' > /var/tmp/bunkerweb/tmp.env"
sudo -E -u nginx -g nginx /bin/bash -c "echo -ne 'IS_LOADING=yes\nUSE_BUNKERNET=no\nSERVER_NAME=\nDNS_RESOLVERS=${DNS_RESOLVERS}\nAPI_HTTP_PORT=${API_HTTP_PORT}\nAPI_LISTEN_IP=${API_LISTEN_IP}\nAPI_SERVER_NAME=${API_SERVER_NAME}\nAPI_WHITELIST_IP=${API_WHITELIST_IP}\nUSE_REAL_IP=${USE_REAL_IP}\nUSE_PROXY_PROTOCOL=${USE_PROXY_PROTOCOL}\nREAL_IP_FROM=${REAL_IP_FROM}\nREAL_IP_HEADER=${REAL_IP_HEADER}\nHTTP_PORT=${HTTP_PORT}\nHTTPS_PORT=${HTTPS_PORT}\n' > /var/tmp/bunkerweb/tmp.env"
sudo -E -u nginx -g nginx /bin/bash -c "PYTHONPATH=/usr/share/bunkerweb/deps/python/ /usr/share/bunkerweb/gen/main.py --variables /var/tmp/bunkerweb/tmp.env --no-linux-reload"
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then

78
src/scheduler/main.py
View file

@ -21,7 +21,7 @@ from pathlib import Path
from shutil import copy, rmtree
from signal import SIGINT, SIGTERM, signal, SIGHUP
from stat import S_IEXEC
from subprocess import run as subprocess_run, DEVNULL, STDOUT
from subprocess import run as subprocess_run, DEVNULL, STDOUT, PIPE
from sys import path as sys_path
from tarfile import open as tar_open
from threading import Thread
@ -524,46 +524,62 @@ if __name__ == "__main__":
else:
logger.error("Error while reloading nginx")
else:
# Stop temp nginx
logger.info("Stopping temp nginx ...")
# Reload nginx
logger.info("Reloading nginx ...")
proc = subprocess_run(
[join(sep, "usr", "sbin", "nginx"), "-s", "stop"],
[join(sep, "usr", "sbin", "nginx"), "-s", "reload"],
stdin=DEVNULL,
stderr=STDOUT,
env=env.copy(),
check=False,
stdout=PIPE
)
if proc.returncode == 0:
logger.info("Successfully sent stop signal to temp nginx")
i = 0
while i < 20:
if not Path(sep, "var", "run", "bunkerweb", "nginx.pid").is_file():
break
logger.warning("Waiting for temp nginx to stop ...")
sleep(1)
i += 1
if i >= 20:
logger.error("Timeout error while waiting for temp nginx to stop")
else:
# Start nginx
logger.info("Starting nginx ...")
proc = subprocess_run(
[join(sep, "usr", "sbin", "nginx")],
stdin=DEVNULL,
stderr=STDOUT,
env=env.copy(),
check=False,
)
if proc.returncode == 0:
logger.info("Successfully started nginx")
else:
logger.error(
f"Error while starting nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8') if proc.stderr else 'Missing stderr'}",
)
logger.info("Successfully sent reload signal to nginx")
else:
logger.error(
f"Error while sending stop signal to temp nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8') if proc.stderr else 'Missing stderr'}",
f"Error while reloading nginx - returncode: {proc.returncode} - error: {proc.stdout.decode('utf-8') if proc.stdout else 'no output'}",
)
# # Stop temp nginx
# logger.info("Stopping temp nginx ...")
# proc = subprocess_run(
# [join(sep, "usr", "sbin", "nginx"), "-s", "stop"],
# stdin=DEVNULL,
# stderr=STDOUT,
# env=env.copy(),
# check=False,
# )
# if proc.returncode == 0:
# logger.info("Successfully sent stop signal to temp nginx")
# i = 0
# while i < 20:
# if not Path(sep, "var", "run", "bunkerweb", "nginx.pid").is_file():
# break
# logger.warning("Waiting for temp nginx to stop ...")
# sleep(1)
# i += 1
# if i >= 20:
# logger.error("Timeout error while waiting for temp nginx to stop")
# else:
# # Start nginx
# logger.info("Starting nginx ...")
# proc = subprocess_run(
# [join(sep, "usr", "sbin", "nginx"), "-e", "/var/log/bunkerweb/error.log"],
# stdin=DEVNULL,
# stderr=STDOUT,
# env=env.copy(),
# check=False,
# )
# if proc.returncode == 0:
# logger.info("Successfully started nginx")
# else:
# logger.error(
# f"Error while starting nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8') if proc.stderr else 'Missing stderr'}",
# )
# else:
# logger.error(
# f"Error while sending stop signal to temp nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8') if proc.stderr else 'Missing stderr'}",
# )
except:
logger.error(
f"Exception while reloading after running jobs once scheduling : {format_exc()}",

2
src/scheduler/requirements.in
View file

@ -4,4 +4,4 @@ cryptography==41.0.5
maxminddb==2.4.0
python-magic==0.4.27
schedule==1.2.1
urllib3==1.26.18
urllib3<2.0.0

2
src/ui/requirements.in
View file

@ -1,7 +1,7 @@
bcrypt==4.0.1
beautifulsoup4==4.12.2
Flask==3.0.0
Flask-Login @ https://github.com/maxcountryman/flask-login/archive/7d98a49bc38d0849367b348bfe37a2b689323419.zip#sha256=62db8eeeae5170f0d9b54d401d63b1a19d0df8944db9ae5332b350bc284f108b
Flask-Login==0.6.3
Flask_WTF==1.2.1
gunicorn[gthread]==21.2.0
importlib-metadata==6.8.0

5
src/ui/requirements.txt
View file

@ -46,8 +46,9 @@ flask==3.0.0 \
# -r requirements.in
# flask-login
# flask-wtf
flask-login @ https://github.com/maxcountryman/flask-login/archive/7d98a49bc38d0849367b348bfe37a2b689323419.zip#sha256=62db8eeeae5170f0d9b54d401d63b1a19d0df8944db9ae5332b350bc284f108b \
--hash=sha256:62db8eeeae5170f0d9b54d401d63b1a19d0df8944db9ae5332b350bc284f108b
flask-login==0.6.3 \
--hash=sha256:5e23d14a607ef12806c699590b89d0f0e0d67baeec599d75947bf9c147330333 \
--hash=sha256:849b25b82a436bf830a054e74214074af59097171562ab10bfa999e6b78aae5d
# via -r requirements.in
flask-wtf==1.2.1 \
--hash=sha256:8bb269eb9bb46b87e7c8233d7e7debdf1f8b74bf90cc1789988c29b37a97b695 \

6
src/ui/src/Instances.py
View file

@ -60,7 +60,7 @@ class Instance:
if self._type == "local":
return (
run(
[join(sep, "usr", "sbin", "nginx")],
[join(sep, "usr", "sbin", "nginx"), "-e", "/var/log/bunkerweb/error.log"],
stdin=DEVNULL,
stderr=STDOUT,
check=False,
@ -96,7 +96,7 @@ class Instance:
return False
return (
run(
[join(sep, "usr", "sbin", "nginx")],
[join(sep, "usr", "sbin", "nginx"), "-e", "/var/log/bunkerweb/error.log"],
stdin=DEVNULL,
stderr=STDOUT,
check=False,
@ -126,7 +126,7 @@ class Instances:
# Docker instances (containers or services)
if self.__docker_client is not None:
for instance in self.__docker_client.containers.list(all=True, filters={"label": "bunkerweb.INSTANCE"}):
env_variables = {x[0]: x[1] for x in [env.split("=") for env in instance.attrs["Config"]["Env"]]}
env_variables = {x[0]: (x[1] if len(x) > 1 else "") for x in [env.split("=") for env in instance.attrs["Config"]["Env"]]}
instances.append(
Instance(

9
tests/core/antibot/docker-compose.yml
View file

@ -19,6 +19,15 @@ services:
# ? ANTIBOT settings
USE_ANTIBOT: "no"
ANTIBOT_URI: "/challenge"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

8
tests/core/antibot/main.py
View file

@ -14,13 +14,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
if resp.status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/antibot/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

6
tests/core/antibot/requirements.txt
View file

@ -124,9 +124,9 @@ idna==3.4 \
# via
# requests
# trio
outcome==1.3.0 \
--hash=sha256:588ef4dc10b64e8df160d8d1310c44e1927129a66d6d2ef86845cef512c5f24c \
--hash=sha256:7b688fd82db72f4b0bc9e883a00359d4d4179cd97d27f09c9644d0c842ba7786
outcome==1.3.0.post0 \
--hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \
--hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b
# via trio
pysocks==1.7.1 \
--hash=sha256:08e69f092cc6dbe92a0fdd16eeb9b9ffbc13cadfe5ca4c7bd92ffb078b293299 \

1
tests/core/antibot/test.sh
View file

@ -31,6 +31,7 @@ else
echo "USE_ANTIBOT=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "ANTIBOT_URI=/challenge" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/authbasic/docker-compose.yml
View file

@ -21,6 +21,15 @@ services:
AUTH_BASIC_LOCATION: "sitewide"
AUTH_BASIC_USER: "bunkerity"
AUTH_BASIC_PASSWORD: "Secr3tP@ssw0rd"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/authbasic/main.py
View file

@ -14,13 +14,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code <= 401
ready = status_code <= 401 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/authbasic/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

6
tests/core/authbasic/requirements.txt
View file

@ -124,9 +124,9 @@ idna==3.4 \
# via
# requests
# trio
outcome==1.3.0 \
--hash=sha256:588ef4dc10b64e8df160d8d1310c44e1927129a66d6d2ef86845cef512c5f24c \
--hash=sha256:7b688fd82db72f4b0bc9e883a00359d4d4179cd97d27f09c9644d0c842ba7786
outcome==1.3.0.post0 \
--hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \
--hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b
# via trio
pysocks==1.7.1 \
--hash=sha256:08e69f092cc6dbe92a0fdd16eeb9b9ffbc13cadfe5ca4c7bd92ffb078b293299 \

1
tests/core/authbasic/test.sh
View file

@ -33,6 +33,7 @@ else
echo "AUTH_BASIC_USER=bunkerity" | sudo tee -a /etc/bunkerweb/variables.env
echo "AUTH_BASIC_PASSWORD=Secr3tP@ssw0rd" | sudo tee -a /etc/bunkerweb/variables.env
sudo wget -O /var/www/html/index.html https://github.com/nginxinc/NGINX-Demos/raw/master/nginx-hello-nonroot/html-version/index.html
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/badbehavior/docker-compose.yml
View file

@ -21,6 +21,15 @@ services:
BAD_BEHAVIOR_BAN_TIME: "86400"
BAD_BEHAVIOR_THRESHOLD: "10"
BAD_BEHAVIOR_COUNT_TIME: "60"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

1
tests/core/badbehavior/index.html
View file

@ -0,0 +1 @@
ready

6
tests/core/badbehavior/main.py
View file

@ -13,13 +13,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/badbehavior/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/badbehavior/test.sh
View file

@ -36,6 +36,7 @@ else
echo "BAD_BEHAVIOR_COUNT_TIME=60" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

2
tests/core/blacklist/api/requirements.in
View file

@ -1,2 +1,2 @@
fastapi==0.104.0
fastapi==0.104.1
uvicorn[standard]==0.23.2

6
tests/core/blacklist/api/requirements.txt
View file

@ -23,9 +23,9 @@ exceptiongroup==1.1.3 \
--hash=sha256:097acd85d473d75af5bb98e41b61ff7fe35efe6675e4f9370ec6ec5126d160e9 \
--hash=sha256:343280667a4585d195ca1cf9cef84a4e178c4b6cf2274caef9859782b567d5e3
# via anyio
fastapi==0.104.0 \
--hash=sha256:456482c1178fb7beb2814b88e1885bc49f9a81f079665016feffe3e1c6a7663e \
--hash=sha256:9c44de45693ae037b0c6914727a29c49a40668432b67c859a87851fc6a7b74c6
fastapi==0.104.1 \
--hash=sha256:752dc31160cdbd0436bb93bad51560b57e525cbb1d4bbf6f4904ceee75548241 \
--hash=sha256:e5e4540a7c5e1dcfbbcf5b903c234feddcdcd881f191977a1c5dfd917487e7ae
# via -r requirements.in
h11==0.14.0 \
--hash=sha256:8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d \

9
tests/core/blacklist/docker-compose.yml
View file

@ -37,6 +37,15 @@ services:
BLACKLIST_IGNORE_USER_AGENT_URLS: ""
BLACKLIST_IGNORE_URI: ""
BLACKLIST_IGNORE_URI_URLS: ""
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/blacklist/main.py
View file

@ -10,13 +10,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400 or status_code == 403
ready = status_code < 400 or status_code == 403 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/blacklist/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/blacklist/test.sh
View file

@ -65,6 +65,7 @@ else
echo "BLACKLIST_IGNORE_URI_URLS=" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/brotli/docker-compose.yml
View file

@ -18,6 +18,15 @@ services:
# ? BROTLI settings
USE_BROTLI: "no"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/brotli/main.py
View file

@ -10,13 +10,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/brotli/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/brotli/test.sh
View file

@ -30,6 +30,7 @@ else
sudo systemctl stop bunkerweb
echo "USE_BROTLI=no" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

2
tests/core/bunkernet/api/requirements.in
View file

@ -1,2 +1,2 @@
fastapi==0.104.0
fastapi==0.104.1
uvicorn[standard]==0.23.2

6
tests/core/bunkernet/api/requirements.txt
View file

@ -23,9 +23,9 @@ exceptiongroup==1.1.3 \
--hash=sha256:097acd85d473d75af5bb98e41b61ff7fe35efe6675e4f9370ec6ec5126d160e9 \
--hash=sha256:343280667a4585d195ca1cf9cef84a4e178c4b6cf2274caef9859782b567d5e3
# via anyio
fastapi==0.104.0 \
--hash=sha256:456482c1178fb7beb2814b88e1885bc49f9a81f079665016feffe3e1c6a7663e \
--hash=sha256:9c44de45693ae037b0c6914727a29c49a40668432b67c859a87851fc6a7b74c6
fastapi==0.104.1 \
--hash=sha256:752dc31160cdbd0436bb93bad51560b57e525cbb1d4bbf6f4904ceee75548241 \
--hash=sha256:e5e4540a7c5e1dcfbbcf5b903c234feddcdcd881f191977a1c5dfd917487e7ae
# via -r requirements.in
h11==0.14.0 \
--hash=sha256:8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d \

9
tests/core/bunkernet/docker-compose.yml
View file

@ -17,6 +17,15 @@ services:
# ? BUNKERNET settings
USE_BUNKERNET: "yes"
BUNKERNET_SERVER: "http://bunkernet-api:8080"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/bunkernet/main.py
View file

@ -10,13 +10,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/bunkernet/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/bunkernet/test.sh
View file

@ -46,6 +46,7 @@ else
export BUNKERNET_SERVER="http://127.0.0.1:8080"
sudo touch /var/www/html/index.html
python3 api/main.py &
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/bwcli/docker-compose.yml
View file

@ -15,6 +15,15 @@ services:
LOG_LEVEL: "info"
USE_REDIS: "yes"
REDIS_HOST: "bw-redis"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
- bw-universe

8
tests/core/bwcli/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/bwcli/test.sh
View file

@ -45,6 +45,7 @@ else
export USE_REDIS="yes"
export REDIS_HOST="127.0.0.1"
sudo touch /var/www/html/index.html
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
cleanup_stack () {

9
tests/core/clientcache/docker-compose.yml
View file

@ -20,6 +20,15 @@ services:
CLIENT_CACHE_EXTENSIONS: "jpg|jpeg|png|bmp|ico|svg|tif|css|js|otf|ttf|eot|woff|woff2"
CLIENT_CACHE_ETAG: "yes"
CLIENT_CACHE_CONTROL: "public, max-age=15552000"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/clientcache/main.py
View file

@ -10,13 +10,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com/image.png", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/clientcache/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/clientcache/test.sh
View file

@ -34,6 +34,7 @@ else
echo "CLIENT_CACHE_CONTROL=public, max-age=15552000" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
sudo cp image.png /var/www/html/image.png
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/cors/docker-compose.yml
View file

@ -30,6 +30,15 @@ services:
CORS_ALLOW_CREDENTIALS: "no"
CORS_ALLOW_METHODS: "GET, POST, OPTIONS"
CORS_ALLOW_HEADERS: "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

12
tests/core/cors/main.py
View file

@ -14,18 +14,20 @@ try:
ready = False
retries = 0
while not ready:
with suppress(RequestException):
status_code = get(
f"http{'s' if ssl else ''}://www.example.com",
with suppress(RequestException):
resp = get(
f"http{'s' if ssl else ''}://www.example.com/ready",
headers={"Host": "www.example.com"},
verify=False,
).status_code
)
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/cors/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

6
tests/core/cors/requirements.txt
View file

@ -124,9 +124,9 @@ idna==3.4 \
# via
# requests
# trio
outcome==1.3.0 \
--hash=sha256:588ef4dc10b64e8df160d8d1310c44e1927129a66d6d2ef86845cef512c5f24c \
--hash=sha256:7b688fd82db72f4b0bc9e883a00359d4d4179cd97d27f09c9644d0c842ba7786
outcome==1.3.0.post0 \
--hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \
--hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b
# via trio
pysocks==1.7.1 \
--hash=sha256:08e69f092cc6dbe92a0fdd16eeb9b9ffbc13cadfe5ca4c7bd92ffb078b293299 \

1
tests/core/cors/test.sh
View file

@ -43,6 +43,7 @@ else
echo "CORS_ALLOW_CREDENTIALS=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "CORS_ALLOW_METHODS=GET, POST, OPTIONS" | sudo tee -a /etc/bunkerweb/variables.env
echo "CORS_ALLOW_HEADERS=DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range" | sudo tee -a /etc/bunkerweb/variables.env
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/country/docker-compose.yml
View file

@ -18,6 +18,15 @@ services:
# ? COUNTRY settings
BLACKLIST_COUNTRY: ""
WHITELIST_COUNTRY: ""
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-us-network:

6
tests/core/country/main.py
View file

@ -10,13 +10,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400 or status_code == 403
ready = status_code < 400 or status_code == 403 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/country/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/country/test.sh
View file

@ -36,6 +36,7 @@ else
sudo touch /var/www/html/index.html
export COUNTRY=""
export TEST_TYPE="linux"
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/customcert/docker-compose.yml
View file

@ -20,6 +20,15 @@ services:
USE_CUSTOM_SSL: "no"
CUSTOM_SSL_CERT: "/certs/certificate.pem"
CUSTOM_SSL_KEY: "/certs/privatekey.key"
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

33
tests/core/customcert/main.py
View file

@ -1,9 +1,38 @@
from contextlib import suppress
from os import getenv
from requests import get
from requests.exceptions import RequestException
from requests import RequestException, get
from traceback import format_exc
from time import sleep
try:
ready = False
retries = 0
while not ready:
with suppress(RequestException):
resp = get(
f"http://www.example.com/ready",
headers={"Host": "www.example.com"},
verify=False,
allow_redirects=True
)
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)
exit(1)
elif not ready:
retries += 1
print("⚠️ Waiting for the service to be ready, retrying in 5s ...", flush=True)
sleep(5)
use_custom_ssl = getenv("USE_CUSTOM_SSL", "no") == "yes"
print(

8
tests/core/customcert/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

2
tests/core/customcert/requirements.in
View file

@ -1 +1,3 @@
requests==2.31.0
selenium==4.14.0
urllib3[socks]==2.0.7

65
tests/core/customcert/requirements.txt
View file

@ -4,10 +4,18 @@
#
# pip-compile --allow-unsafe --generate-hashes --strip-extras requirements.in
#
attrs==23.1.0 \
--hash=sha256:1f28b4522cdc2fb4256ac1a020c78acf9cba2c6b461ccd2c126f3aa8e8335d04 \
--hash=sha256:6279836d581513a26f1bf235f9acd333bc9115683f14f7e8fae46c98fc50e015
# via
# outcome
# trio
certifi==2023.7.22 \
--hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \
--hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9
# via requests
# via
# requests
# selenium
charset-normalizer==3.3.1 \
--hash=sha256:06cf46bdff72f58645434d467bf5228080801298fbba19fe268a01b4534467f5 \
--hash=sha256:0c8c61fb505c7dad1d251c284e712d4e0372cef3b067f7ddf82a7fa82e1e9a93 \
@ -100,15 +108,66 @@ charset-normalizer==3.3.1 \
--hash=sha256:f6a02a3c7950cafaadcd46a226ad9e12fc9744652cc69f9e5534f98b47f3bbcf \
--hash=sha256:fe81b35c33772e56f4b6cf62cf4aedc1762ef7162a31e6ac7fe5e40d0149eb67
# via requests
exceptiongroup==1.1.3 \
--hash=sha256:097acd85d473d75af5bb98e41b61ff7fe35efe6675e4f9370ec6ec5126d160e9 \
--hash=sha256:343280667a4585d195ca1cf9cef84a4e178c4b6cf2274caef9859782b567d5e3
# via
# trio
# trio-websocket
h11==0.14.0 \
--hash=sha256:8f19fbbe99e72420ff35c00b27a34cb9937e902a8b810e2c88300c6f0a3b699d \
--hash=sha256:e3fe4ac4b851c468cc8363d500db52c2ead036020723024a109d37346efaa761
# via wsproto
idna==3.4 \
--hash=sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4 \
--hash=sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2
# via requests
# via
# requests
# trio
outcome==1.3.0.post0 \
--hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \
--hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b
# via trio
pysocks==1.7.1 \
--hash=sha256:08e69f092cc6dbe92a0fdd16eeb9b9ffbc13cadfe5ca4c7bd92ffb078b293299 \
--hash=sha256:2725bd0a9925919b9b51739eea5f9e2bae91e83288108a9ad338b2e3a4435ee5 \
--hash=sha256:3f8804571ebe159c380ac6de37643bb4685970655d3bba243530d6558b799aa0
# via urllib3
requests==2.31.0 \
--hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \
--hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1
# via -r requirements.in
selenium==4.14.0 \
--hash=sha256:0d14b0d9842366f38fb5f8f842cf7c042bcfa062affc6a0a86e4d634bdd0fe54 \
--hash=sha256:be9824a9354a7fe288e3fad9ceb6a9c65ddc7c44545d23ad0ebf4ce202b19893
# via -r requirements.in
sniffio==1.3.0 \
--hash=sha256:e60305c5e5d314f5389259b7f22aaa33d8f7dee49763119234af3755c55b9101 \
--hash=sha256:eecefdce1e5bbfb7ad2eeaabf7c1eeb404d7757c379bd1f7e5cce9d8bf425384
# via trio
sortedcontainers==2.4.0 \
--hash=sha256:25caa5a06cc30b6b83d11423433f65d1f9d76c4c6a0c90e3379eaa43b9bfdb88 \
--hash=sha256:a163dcaede0f1c021485e957a39245190e74249897e2ae4b2aa38595db237ee0
# via trio
trio==0.22.2 \
--hash=sha256:3887cf18c8bcc894433420305468388dac76932e9668afa1c49aa3806b6accb3 \
--hash=sha256:f43da357620e5872b3d940a2e3589aa251fd3f881b65a608d742e00809b1ec38
# via
# selenium
# trio-websocket
trio-websocket==0.11.1 \
--hash=sha256:18c11793647703c158b1f6e62de638acada927344d534e3c7628eedcb746839f \
--hash=sha256:520d046b0d030cf970b8b2b2e00c4c2245b3807853ecd44214acd33d74581638
# via selenium
urllib3==2.0.7 \
--hash=sha256:c97dfde1f7bd43a71c8d2a58e369e9b2bf692d1334ea9f9cae55add7d0dd0f84 \
--hash=sha256:fdb6d215c776278489906c2f8916e6e7d4f5a9b602ccbcfdf7f016fc8da0596e
# via requests
# via
# -r requirements.in
# requests
# selenium
# urllib3
wsproto==1.2.0 \
--hash=sha256:ad565f26ecb92588a3e43bc3d96164de84cd9902482b130d0ddbaa9664a85065 \
--hash=sha256:b9acddd652b585d75b20477888c56642fdade28bdfd3579aa24a4d2c037dd736
# via trio-websocket

1
tests/core/customcert/test.sh
View file

@ -32,6 +32,7 @@ else
echo "CUSTOM_SSL_CERT=/tmp/certificate.pem" | sudo tee -a /etc/bunkerweb/variables.env
echo "CUSTOM_SSL_KEY=/tmp/privatekey.key" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/db/docker-compose.yml
View file

@ -18,6 +18,15 @@ services:
REVERSE_PROXY_URL: "/"
LOG_LEVEL: "info"
CUSTOM_CONF_MODSEC_test_custom_conf: 'SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

4
tests/core/db/main.py
View file

@ -179,6 +179,8 @@ try:
global_values = session.query(Global_values).all()
for global_value in global_values:
if global_value.setting_id == "API_LISTEN_IP":
continue
if global_value.setting_id in global_settings:
if global_value.value != global_settings[global_value.setting_id]["value"]:
print(
@ -550,6 +552,8 @@ try:
)
for custom_config in custom_configs:
if custom_config.name == "ready":
continue
if not multisite and custom_config.name in global_custom_configs and custom_config.service_id:
print(
f"❌ The custom config {custom_config.name} is in the database but should not be owned by the service {custom_config.service_id} because multisite is not enabled, exiting ...",

8
tests/core/db/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

123
tests/core/db/requirements.txt
View file

@ -83,69 +83,64 @@ cryptography==41.0.5 \
--hash=sha256:ec3b055ff8f1dce8e6ef28f626e0972981475173d7973d63f271b29c8a2897da \
--hash=sha256:fba1e91467c65fe64a82c689dc6cf58151158993b13eb7a7f3f4b7f395636723
# via -r requirements.in
greenlet==3.0.0 \
--hash=sha256:02a807b2a58d5cdebb07050efe3d7deaf915468d112dfcf5e426d0564aa3aa4a \
--hash=sha256:0b72b802496cccbd9b31acea72b6f87e7771ccfd7f7927437d592e5c92ed703c \
--hash=sha256:0d3f83ffb18dc57243e0151331e3c383b05e5b6c5029ac29f754745c800f8ed9 \
--hash=sha256:10b5582744abd9858947d163843d323d0b67be9432db50f8bf83031032bc218d \
--hash=sha256:123910c58234a8d40eaab595bc56a5ae49bdd90122dde5bdc012c20595a94c14 \
--hash=sha256:1482fba7fbed96ea7842b5a7fc11d61727e8be75a077e603e8ab49d24e234383 \
--hash=sha256:19834e3f91f485442adc1ee440171ec5d9a4840a1f7bd5ed97833544719ce10b \
--hash=sha256:1d363666acc21d2c204dd8705c0e0457d7b2ee7a76cb16ffc099d6799744ac99 \
--hash=sha256:211ef8d174601b80e01436f4e6905aca341b15a566f35a10dd8d1e93f5dbb3b7 \
--hash=sha256:269d06fa0f9624455ce08ae0179430eea61085e3cf6457f05982b37fd2cefe17 \
--hash=sha256:2e7dcdfad252f2ca83c685b0fa9fba00e4d8f243b73839229d56ee3d9d219314 \
--hash=sha256:334ef6ed8337bd0b58bb0ae4f7f2dcc84c9f116e474bb4ec250a8bb9bd797a66 \
--hash=sha256:343675e0da2f3c69d3fb1e894ba0a1acf58f481f3b9372ce1eb465ef93cf6fed \
--hash=sha256:37f60b3a42d8b5499be910d1267b24355c495064f271cfe74bf28b17b099133c \
--hash=sha256:38ad562a104cd41e9d4644f46ea37167b93190c6d5e4048fcc4b80d34ecb278f \
--hash=sha256:3c0d36f5adc6e6100aedbc976d7428a9f7194ea79911aa4bf471f44ee13a9464 \
--hash=sha256:3fd2b18432e7298fcbec3d39e1a0aa91ae9ea1c93356ec089421fabc3651572b \
--hash=sha256:4a1a6244ff96343e9994e37e5b4839f09a0207d35ef6134dce5c20d260d0302c \
--hash=sha256:4cd83fb8d8e17633ad534d9ac93719ef8937568d730ef07ac3a98cb520fd93e4 \
--hash=sha256:527cd90ba3d8d7ae7dceb06fda619895768a46a1b4e423bdb24c1969823b8362 \
--hash=sha256:56867a3b3cf26dc8a0beecdb4459c59f4c47cdd5424618c08515f682e1d46692 \
--hash=sha256:621fcb346141ae08cb95424ebfc5b014361621b8132c48e538e34c3c93ac7365 \
--hash=sha256:63acdc34c9cde42a6534518e32ce55c30f932b473c62c235a466469a710bfbf9 \
--hash=sha256:6512592cc49b2c6d9b19fbaa0312124cd4c4c8a90d28473f86f92685cc5fef8e \
--hash=sha256:6672fdde0fd1a60b44fb1751a7779c6db487e42b0cc65e7caa6aa686874e79fb \
--hash=sha256:6a5b2d4cdaf1c71057ff823a19d850ed5c6c2d3686cb71f73ae4d6382aaa7a06 \
--hash=sha256:6a68d670c8f89ff65c82b936275369e532772eebc027c3be68c6b87ad05ca695 \
--hash=sha256:6bb36985f606a7c49916eff74ab99399cdfd09241c375d5a820bb855dfb4af9f \
--hash=sha256:73b2f1922a39d5d59cc0e597987300df3396b148a9bd10b76a058a2f2772fc04 \
--hash=sha256:7709fd7bb02b31908dc8fd35bfd0a29fc24681d5cc9ac1d64ad07f8d2b7db62f \
--hash=sha256:8060b32d8586e912a7b7dac2d15b28dbbd63a174ab32f5bc6d107a1c4143f40b \
--hash=sha256:80dcd3c938cbcac986c5c92779db8e8ce51a89a849c135172c88ecbdc8c056b7 \
--hash=sha256:813720bd57e193391dfe26f4871186cf460848b83df7e23e6bef698a7624b4c9 \
--hash=sha256:831d6f35037cf18ca5e80a737a27d822d87cd922521d18ed3dbc8a6967be50ce \
--hash=sha256:871b0a8835f9e9d461b7fdaa1b57e3492dd45398e87324c047469ce2fc9f516c \
--hash=sha256:952256c2bc5b4ee8df8dfc54fc4de330970bf5d79253c863fb5e6761f00dda35 \
--hash=sha256:96d9ea57292f636ec851a9bb961a5cc0f9976900e16e5d5647f19aa36ba6366b \
--hash=sha256:9a812224a5fb17a538207e8cf8e86f517df2080c8ee0f8c1ed2bdaccd18f38f4 \
--hash=sha256:9adbd8ecf097e34ada8efde9b6fec4dd2a903b1e98037adf72d12993a1c80b51 \
--hash=sha256:9de687479faec7db5b198cc365bc34addd256b0028956501f4d4d5e9ca2e240a \
--hash=sha256:a048293392d4e058298710a54dfaefcefdf49d287cd33fb1f7d63d55426e4355 \
--hash=sha256:aa15a2ec737cb609ed48902b45c5e4ff6044feb5dcdfcf6fa8482379190330d7 \
--hash=sha256:abe1ef3d780de56defd0c77c5ba95e152f4e4c4e12d7e11dd8447d338b85a625 \
--hash=sha256:ad6fb737e46b8bd63156b8f59ba6cdef46fe2b7db0c5804388a2d0519b8ddb99 \
--hash=sha256:b1660a15a446206c8545edc292ab5c48b91ff732f91b3d3b30d9a915d5ec4779 \
--hash=sha256:b505fcfc26f4148551826a96f7317e02c400665fa0883fe505d4fcaab1dabfdd \
--hash=sha256:b822fab253ac0f330ee807e7485769e3ac85d5eef827ca224feaaefa462dc0d0 \
--hash=sha256:bdd696947cd695924aecb3870660b7545a19851f93b9d327ef8236bfc49be705 \
--hash=sha256:bdfaeecf8cc705d35d8e6de324bf58427d7eafb55f67050d8f28053a3d57118c \
--hash=sha256:be557119bf467d37a8099d91fbf11b2de5eb1fd5fc5b91598407574848dc910f \
--hash=sha256:c6b5ce7f40f0e2f8b88c28e6691ca6806814157ff05e794cdd161be928550f4c \
--hash=sha256:c94e4e924d09b5a3e37b853fe5924a95eac058cb6f6fb437ebb588b7eda79870 \
--hash=sha256:cc3e2679ea13b4de79bdc44b25a0c4fcd5e94e21b8f290791744ac42d34a0353 \
--hash=sha256:d1e22c22f7826096ad503e9bb681b05b8c1f5a8138469b255eb91f26a76634f2 \
--hash=sha256:d5539f6da3418c3dc002739cb2bb8d169056aa66e0c83f6bacae0cd3ac26b423 \
--hash=sha256:d55db1db455c59b46f794346efce896e754b8942817f46a1bada2d29446e305a \
--hash=sha256:e09dea87cc91aea5500262993cbd484b41edf8af74f976719dd83fe724644cd6 \
--hash=sha256:e52a712c38e5fb4fd68e00dc3caf00b60cb65634d50e32281a9d6431b33b4af1 \
--hash=sha256:e693e759e172fa1c2c90d35dea4acbdd1d609b6936115d3739148d5e4cd11947 \
--hash=sha256:ecf94aa539e97a8411b5ea52fc6ccd8371be9550c4041011a091eb8b3ca1d810 \
--hash=sha256:f351479a6914fd81a55c8e68963609f792d9b067fb8a60a042c585a621e0de4f \
--hash=sha256:f47932c434a3c8d3c86d865443fadc1fbf574e9b11d6650b656e602b1797908a
greenlet==3.0.1 \
--hash=sha256:0a02d259510b3630f330c86557331a3b0e0c79dac3d166e449a39363beaae174 \
--hash=sha256:0b6f9f8ca7093fd4433472fd99b5650f8a26dcd8ba410e14094c1e44cd3ceddd \
--hash=sha256:100f78a29707ca1525ea47388cec8a049405147719f47ebf3895e7509c6446aa \
--hash=sha256:1757936efea16e3f03db20efd0cd50a1c86b06734f9f7338a90c4ba85ec2ad5a \
--hash=sha256:19075157a10055759066854a973b3d1325d964d498a805bb68a1f9af4aaef8ec \
--hash=sha256:19bbdf1cce0346ef7341705d71e2ecf6f41a35c311137f29b8a2dc2341374565 \
--hash=sha256:20107edf7c2c3644c67c12205dc60b1bb11d26b2610b276f97d666110d1b511d \
--hash=sha256:22f79120a24aeeae2b4471c711dcf4f8c736a2bb2fabad2a67ac9a55ea72523c \
--hash=sha256:2847e5d7beedb8d614186962c3d774d40d3374d580d2cbdab7f184580a39d234 \
--hash=sha256:28e89e232c7593d33cac35425b58950789962011cc274aa43ef8865f2e11f46d \
--hash=sha256:329c5a2e5a0ee942f2992c5e3ff40be03e75f745f48847f118a3cfece7a28546 \
--hash=sha256:337322096d92808f76ad26061a8f5fccb22b0809bea39212cd6c406f6a7060d2 \
--hash=sha256:3fcc780ae8edbb1d050d920ab44790201f027d59fdbd21362340a85c79066a74 \
--hash=sha256:41bdeeb552d814bcd7fb52172b304898a35818107cc8778b5101423c9017b3de \
--hash=sha256:4eddd98afc726f8aee1948858aed9e6feeb1758889dfd869072d4465973f6bfd \
--hash=sha256:52e93b28db27ae7d208748f45d2db8a7b6a380e0d703f099c949d0f0d80b70e9 \
--hash=sha256:55d62807f1c5a1682075c62436702aaba941daa316e9161e4b6ccebbbf38bda3 \
--hash=sha256:5805e71e5b570d490938d55552f5a9e10f477c19400c38bf1d5190d760691846 \
--hash=sha256:599daf06ea59bfedbec564b1692b0166a0045f32b6f0933b0dd4df59a854caf2 \
--hash=sha256:60d5772e8195f4e9ebf74046a9121bbb90090f6550f81d8956a05387ba139353 \
--hash=sha256:696d8e7d82398e810f2b3622b24e87906763b6ebfd90e361e88eb85b0e554dc8 \
--hash=sha256:6e6061bf1e9565c29002e3c601cf68569c450be7fc3f7336671af7ddb4657166 \
--hash=sha256:80ac992f25d10aaebe1ee15df45ca0d7571d0f70b645c08ec68733fb7a020206 \
--hash=sha256:816bd9488a94cba78d93e1abb58000e8266fa9cc2aa9ccdd6eb0696acb24005b \
--hash=sha256:85d2b77e7c9382f004b41d9c72c85537fac834fb141b0296942d52bf03fe4a3d \
--hash=sha256:87c8ceb0cf8a5a51b8008b643844b7f4a8264a2c13fcbcd8a8316161725383fe \
--hash=sha256:89ee2e967bd7ff85d84a2de09df10e021c9b38c7d91dead95b406ed6350c6997 \
--hash=sha256:8bef097455dea90ffe855286926ae02d8faa335ed8e4067326257cb571fc1445 \
--hash=sha256:8d11ebbd679e927593978aa44c10fc2092bc454b7d13fdc958d3e9d508aba7d0 \
--hash=sha256:91e6c7db42638dc45cf2e13c73be16bf83179f7859b07cfc139518941320be96 \
--hash=sha256:97e7ac860d64e2dcba5c5944cfc8fa9ea185cd84061c623536154d5a89237884 \
--hash=sha256:990066bff27c4fcf3b69382b86f4c99b3652bab2a7e685d968cd4d0cfc6f67c6 \
--hash=sha256:9fbc5b8f3dfe24784cee8ce0be3da2d8a79e46a276593db6868382d9c50d97b1 \
--hash=sha256:ac4a39d1abae48184d420aa8e5e63efd1b75c8444dd95daa3e03f6c6310e9619 \
--hash=sha256:b2c02d2ad98116e914d4f3155ffc905fd0c025d901ead3f6ed07385e19122c94 \
--hash=sha256:b2d3337dcfaa99698aa2377c81c9ca72fcd89c07e7eb62ece3f23a3fe89b2ce4 \
--hash=sha256:b489c36d1327868d207002391f662a1d163bdc8daf10ab2e5f6e41b9b96de3b1 \
--hash=sha256:b641161c302efbb860ae6b081f406839a8b7d5573f20a455539823802c655f63 \
--hash=sha256:b8ba29306c5de7717b5761b9ea74f9c72b9e2b834e24aa984da99cbfc70157fd \
--hash=sha256:b9934adbd0f6e476f0ecff3c94626529f344f57b38c9a541f87098710b18af0a \
--hash=sha256:ce85c43ae54845272f6f9cd8320d034d7a946e9773c693b27d620edec825e376 \
--hash=sha256:cf868e08690cb89360eebc73ba4be7fb461cfbc6168dd88e2fbbe6f31812cd57 \
--hash=sha256:d2905ce1df400360463c772b55d8e2518d0e488a87cdea13dd2c71dcb2a1fa16 \
--hash=sha256:d57e20ba591727da0c230ab2c3f200ac9d6d333860d85348816e1dca4cc4792e \
--hash=sha256:d6a8c9d4f8692917a3dc7eb25a6fb337bff86909febe2f793ec1928cd97bedfc \
--hash=sha256:d923ff276f1c1f9680d32832f8d6c040fe9306cbfb5d161b0911e9634be9ef0a \
--hash=sha256:daa7197b43c707462f06d2c693ffdbb5991cbb8b80b5b984007de431493a319c \
--hash=sha256:dbd4c177afb8a8d9ba348d925b0b67246147af806f0b104af4d24f144d461cd5 \
--hash=sha256:dc4d815b794fd8868c4d67602692c21bf5293a75e4b607bb92a11e821e2b859a \
--hash=sha256:e9d21aaa84557d64209af04ff48e0ad5e28c5cca67ce43444e939579d085da72 \
--hash=sha256:ea6b8aa9e08eea388c5f7a276fabb1d4b6b9d6e4ceb12cc477c3d352001768a9 \
--hash=sha256:eabe7090db68c981fca689299c2d116400b553f4b713266b130cfc9e2aa9c5a9 \
--hash=sha256:f2f6d303f3dee132b322a14cd8765287b8f86cdc10d2cb6a6fae234ea488888e \
--hash=sha256:f33f3258aae89da191c6ebaa3bc517c6c4cbc9b9f689e5d8452f7aedbb913fa8 \
--hash=sha256:f7bfb769f7efa0eefcd039dd19d843a4fbfbac52f1878b1da2ed5793ec9b1a65 \
--hash=sha256:f89e21afe925fcfa655965ca8ea10f24773a1791400989ff32f467badfe4a064 \
--hash=sha256:fa24255ae3c0ab67e613556375a4341af04a084bd58764731972bcbc8baeba36
# via sqlalchemy
psycopg2-binary==2.9.9 \
--hash=sha256:03ef7df18daf2c4c07e2695e8cfd5ee7f748a1d54d802330985a78d2a5a6dca9 \
@ -175,6 +170,7 @@ psycopg2-binary==2.9.9 \
--hash=sha256:4686818798f9194d03c9129a4d9a702d9e113a89cb03bffe08c6cf799e053291 \
--hash=sha256:57fede879f08d23c85140a360c6a77709113efd1c993923c59fde17aa27599fe \
--hash=sha256:60989127da422b74a04345096c10d416c2b41bd7bf2a380eb541059e4e999980 \
--hash=sha256:64cf30263844fa208851ebb13b0732ce674d8ec6a0c86a4e160495d299ba3c93 \
--hash=sha256:68fc1f1ba168724771e38bee37d940d2865cb0f562380a1fb1ffb428b75cb692 \
--hash=sha256:6e6f98446430fdf41bd36d4faa6cb409f5140c1c2cf58ce0bbdaf16af7d3f119 \
--hash=sha256:729177eaf0aefca0994ce4cffe96ad3c75e377c7b6f4efa59ebf003b6d398716 \
@ -184,6 +180,7 @@ psycopg2-binary==2.9.9 \
--hash=sha256:78151aa3ec21dccd5cdef6c74c3e73386dcdfaf19bced944169697d7ac7482fc \
--hash=sha256:7f01846810177d829c7692f1f5ada8096762d9172af1b1a28d4ab5b77c923c1c \
--hash=sha256:804d99b24ad523a1fe18cc707bf741670332f7c7412e9d49cb5eab67e886b9b5 \
--hash=sha256:81ff62668af011f9a48787564ab7eded4e9fb17a4a6a74af5ffa6a457400d2ab \
--hash=sha256:8359bf4791968c5a78c56103702000105501adb557f3cf772b2c207284273984 \
--hash=sha256:83791a65b51ad6ee6cf0845634859d69a038ea9b03d7b26e703f94c7e93dbcf9 \
--hash=sha256:8532fd6e6e2dc57bcb3bc90b079c60de896d2128c5d9d6f24a63875a95a088cf \

1
tests/core/db/test.sh
View file

@ -64,6 +64,7 @@ else
export GLOBAL_REVERSE_PROXY_HOST="http://app1:8080"
export GLOBAL_REVERSE_PROXY_URL="/"
export CUSTOM_CONF_MODSEC_test_custom_conf='SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

9
tests/core/dnsbl/docker-compose.yml
View file

@ -18,6 +18,15 @@ services:
# ? DNSBL settings
USE_DNSBL: "yes"
DNSBL_LIST: ""
CUSTOM_CONF_SERVER_HTTP_ready: |
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}
networks:
bw-universe:
bw-services:

6
tests/core/dnsbl/init/requirements.txt
View file

@ -28,9 +28,9 @@ idna==3.4 \
--hash=sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4 \
--hash=sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2
# via trio
outcome==1.3.0 \
--hash=sha256:588ef4dc10b64e8df160d8d1310c44e1927129a66d6d2ef86845cef512c5f24c \
--hash=sha256:7b688fd82db72f4b0bc9e883a00359d4d4179cd97d27f09c9644d0c842ba7786
outcome==1.3.0.post0 \
--hash=sha256:9dcf02e65f2971b80047b377468e72a268e15c0af3cf1238e6ff14f7f91143b8 \
--hash=sha256:e771c5ce06d1415e356078d3bdd68523f284b4ce5419828922b6871e65eda82b
# via trio
pysocks==1.7.1 \
--hash=sha256:08e69f092cc6dbe92a0fdd16eeb9b9ffbc13cadfe5ca4c7bd92ffb078b293299 \

6
tests/core/dnsbl/main.py
View file

@ -11,13 +11,15 @@ try:
retries = 0
while not ready:
with suppress(RequestException):
status_code = get("http://www.example.com", headers={"Host": "www.example.com"}, timeout=3).status_code
resp = get("http://www.example.com/ready", headers={"Host": "www.example.com"})
status_code = resp.status_code
text = resp.text
if status_code >= 500:
print("❌ An error occurred with the server, exiting ...", flush=True)
exit(1)
ready = status_code < 400 or status_code == 403
ready = status_code < 400 or status_code == 403 and text == "ready"
if retries > 10:
print("❌ The service took too long to be ready, exiting ...", flush=True)

8
tests/core/dnsbl/ready.conf Normal file
View file

@ -0,0 +1,8 @@
location /ready {
default_type 'text/plain';
rewrite_by_lua_block {
ngx.print('ready')
ngx.flush(true)
ngx.exit(ngx.HTTP_OK)
}
}

1
tests/core/dnsbl/test.sh
View file

@ -36,6 +36,7 @@ else
echo "DNSBL_LIST=" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
sudo cp ready.conf /etc/bunkerweb/configs/server-http
fi
manual=0

Some files were not shown because too many files have changed in this diff Show more