librewolf/bunkerized-nginx
4
0
Fork 1
mirror of https://github.com/bunkerity/bunkerized-nginx synced 2023-12-13 21:30:18 +01:00
Code Issues Projects Releases Wiki Activity

Optimize the way errors are being checked in linux core tests

Browse source
This commit is contained in:
Théophile Diot 2023-09-23 15:05:21 +01:00
parent 2ddc8cec72
commit 16d4c1133b
No known key found for this signature in database
GPG key ID: 248FEA4BAE400D06
30 changed files with 139 additions and 60 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/core/antibot/test.sh
View file

@ -162,8 +162,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🤖 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/authbasic/test.sh
View file

@ -189,8 +189,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🔐 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/badbehavior/test.sh
View file

@ -212,8 +212,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "📟 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/blacklist/test.sh
View file

@ -518,8 +518,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🏴 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/brotli/test.sh
View file

@ -150,8 +150,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "📦 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/bunkernet/test.sh
View file

@ -167,8 +167,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🕸️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/bwcli/test.sh
View file

@ -137,8 +137,10 @@ else
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "⌨️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/clientcache/test.sh
View file

@ -193,8 +193,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "📝 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/cors/test.sh
View file

@ -230,8 +230,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🛰️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/country/test.sh
View file

@ -170,8 +170,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🌍 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/customcert/test.sh
View file

@ -181,8 +181,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🔏 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/db/test.sh
View file

@ -405,8 +405,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "💾 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

2
tests/core/dnsbl/docker-compose.test.yml
View file

@ -6,7 +6,7 @@ services:
environment:
PYTHONUNBUFFERED: "1"
USE_DNSBL: "yes"
DNSBL_LIST: "bl.blocklist.de problems.dnsbl.sorbs.net"
DNSBL_LIST: ""
extra_hosts:
- "www.example.com:192.168.0.2"
networks:

2
tests/core/dnsbl/docker-compose.yml
View file

@ -17,7 +17,7 @@ services:
# ? DNSBL settings
USE_DNSBL: "yes"
DNSBL_LIST: "bl.blocklist.de problems.dnsbl.sorbs.net"
DNSBL_LIST: ""
networks:
bw-universe:
bw-services:

68
tests/core/dnsbl/main.py
View file

@ -1,5 +1,6 @@
from contextlib import suppress
from os import getenv
from os import getenv, sep
from os.path import join
from requests import get
from requests.exceptions import RequestException
from time import sleep
@ -31,37 +32,60 @@ try:
sleep(5)
use_dnsbl = getenv("USE_DNSBL", "yes") == "yes"
dnsbl_list = getenv("DNSBL_LIST", "bl.blocklist.de problems.dnsbl.sorbs.net")
dnsbl_list = getenv("DNSBL_LIST", "")
TEST_TYPE = getenv("TEST_TYPE", "docker")
print(
" Sending a request to http://www.example.com ...",
flush=True,
)
passed = False
retries = 0
status_code = get(
f"http://www.example.com",
headers={"Host": "www.example.com"}
| (
{"X-Forwarded-For": getenv("IP_ADDRESS", "")}
if getenv("TEST_TYPE", "docker") == "linux"
else {}
),
).status_code
while not passed and retries < 10:
status_code = get(
f"http://www.example.com",
headers={"Host": "www.example.com"}
| (
{"X-Forwarded-For": getenv("IP_ADDRESS", "")}
if TEST_TYPE == "linux"
else {}
),
).status_code
if status_code == 403:
if not use_dnsbl:
print("❌ The request was rejected, but DNSBL is disabled, exiting ...")
exit(1)
elif not dnsbl_list:
print(
"❌ The request was rejected, but DNSBL list is empty, exiting ..."
)
exit(1)
elif use_dnsbl and dnsbl_list:
if retries <= 10:
found = False
with open(join(sep, "var", "log", "bunkerweb", "error.log"), "r") as f:
for line in f.readlines():
if "error while doing A DNS query for" in line:
print(
f"⚠ Found the following error in the logs: {line}, retrying in 5s ...",
flush=True,
)
found = True
break
if found:
retries += 1
sleep(5)
continue
if status_code == 403:
if not use_dnsbl:
print("❌ The request was rejected, but DNSBL is disabled, exiting ...")
exit(1)
elif dnsbl_list == "bl.blocklist.de problems.dnsbl.sorbs.net":
print(
'❌ The request was rejected, but DNSBL list is equal to "bl.blocklist.de problems.dnsbl.sorbs.net", exiting ...'
f'❌ The request was not rejected, but DNSBL list is equal to "{dnsbl_list}", exiting ...'
)
exit(1)
elif use_dnsbl and dnsbl_list != "bl.blocklist.de problems.dnsbl.sorbs.net":
print(
f'❌ The request was not rejected, but DNSBL list is equal to "{dnsbl_list}", exiting ...'
)
exit(1)
passed = True
print("✅ DNSBL is working as expected ...", flush=True)
except SystemExit:

23
tests/core/dnsbl/test.sh
View file

@ -26,11 +26,12 @@ if [ "$integration" = "docker" ] ; then
fi
else
sudo systemctl stop bunkerweb
sudo pip install -r requirements.txt
echo "USE_REAL_IP=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "REAL_IP_FROM=127.0.0.0/24" | sudo tee -a /etc/bunkerweb/variables.env
echo "USE_DNSBL=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "DNSBL_LIST=bl.blocklist.de problems.dnsbl.sorbs.net" | sudo tee -a /etc/bunkerweb/variables.env
echo "DNSBL_LIST=" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
fi
@ -43,13 +44,13 @@ cleanup_stack () {
if [ "$integration" == "docker" ] ; then
rm -rf init/output
find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_DNSBL: "no"@USE_DNSBL: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: "bl.blocklist.de problems.dnsbl.sorbs.net"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: ""@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@ipv4_address: [0-9][0-9]*\.0@ipv4_address: 192.168@' {} \;
sed -i 's@subnet: [0-9][0-9]*\.0@subnet: 192.168@' docker-compose.yml
sed -i 's@www.example.com:[0-9][0-9]*\.0@www.example.com:192.168@' docker-compose.test.yml
else
sudo sed -i 's@USE_DNSBL=.*$@USE_DNSBL=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST=bl.blocklist.de problems.dnsbl.sorbs.net@' /etc/bunkerweb/variables.env
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST=@' /etc/bunkerweb/variables.env
unset USE_DNSBL
unset DNSBL_LIST
fi
@ -116,13 +117,13 @@ do
if [ "$test" = "activated" ] ; then
echo "🚫 Running tests with DNSBL activated and the server $server added to the list ..."
if [ "$integration" = "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: "bl.blocklist.de problems.dnsbl.sorbs.net '"$server"'"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: "'"$server"'"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@ipv4_address: 192.168@ipv4_address: '"${ip%%.*}"'.0@' {} \;
sed -i 's@subnet: 192.168@subnet: '"${ip%%.*}"'.0@' docker-compose.yml
sed -i 's@www.example.com:192.168@www.example.com:'"${ip%%.*}"'.0@' docker-compose.test.yml
else
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST=bl.blocklist.de problems.dnsbl.sorbs.net '"$server"'@' /etc/bunkerweb/variables.env
export DNSBL_LIST="bl.blocklist.de problems.dnsbl.sorbs.net $server"
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST='"$server"'@' /etc/bunkerweb/variables.env
export DNSBL_LIST="$server"
export IP_ADDRESS="$ip"
fi
elif [ "$test" = "deactivated" ] ; then
@ -137,10 +138,10 @@ do
echo "🚫 Running tests with DNSBL activated and without the server $server added to the list ..."
if [ "$integration" = "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_DNSBL: "no"@USE_DNSBL: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: "bl.blocklist.de problems.dnsbl.sorbs.net"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DNSBL_LIST: ".*"@DNSBL_LIST: ""@' {} \;
else
sudo sed -i 's@USE_DNSBL=.*$@USE_DNSBL=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST=bl.blocklist.de problems.dnsbl.sorbs.net@' /etc/bunkerweb/variables.env
sudo sed -i 's@DNSBL_LIST=.*$@DNSBL_LIST=@' /etc/bunkerweb/variables.env
unset USE_DNSBL
unset DNSBL_LIST
fi
@ -216,8 +217,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🚫 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0
@ -245,7 +248,7 @@ do
if [ "$integration" == "docker" ] ; then
docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests
else
python3 main.py
sudo -E python3 main.py
fi
if [ $? -ne 0 ] ; then

4
tests/core/errors/test.sh
View file

@ -167,8 +167,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "⭕ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/greylist/test.sh
View file

@ -358,8 +358,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🏁 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/gzip/test.sh
View file

@ -150,8 +150,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🗜️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/headers/test.sh
View file

@ -314,8 +314,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🎛️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/inject/test.sh
View file

@ -123,8 +123,10 @@ else
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "💉 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/limit/test.sh
View file

@ -224,8 +224,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🎚️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/misc/test.sh
View file

@ -232,8 +232,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🗃️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/modsecurity/test.sh
View file

@ -168,8 +168,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "👮 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/redirect/test.sh
View file

@ -160,8 +160,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "↩️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/redis/test.sh
View file

@ -257,8 +257,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🧰 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/reversescan/test.sh
View file

@ -164,8 +164,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🕵️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/selfsigned/test.sh
View file

@ -170,8 +170,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🔑 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/sessions/test.sh
View file

@ -167,8 +167,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🧳 ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0

4
tests/core/whitelist/test.sh
View file

@ -362,8 +362,10 @@ do
exit 1
fi
if ! [ -z $(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌") ] ; then
if ! [ -z "$(sudo journalctl -u bunkerweb --no-pager | grep "SYSTEMCTL - ❌")" ] ; then
echo "🏳️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0