diff --git a/.dockerignore b/.dockerignore
index 37ad4766..cce31779 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -3,4 +3,4 @@
.vscode/
__pycache__
env
-node_modules
\ No newline at end of file
+node_modules
diff --git a/.github/workflows/dev-update-mmdb.yml b/.github/workflows/dev-update-mmdb.yml
index 49f3c3b2..b8430b6c 100644
--- a/.github/workflows/dev-update-mmdb.yml
+++ b/.github/workflows/dev-update-mmdb.yml
@@ -23,7 +23,7 @@ jobs:
cd src/bw/misc/
CURL_RETURN_CODE=0
CURL_OUTPUT=`curl -w httpcode=%{http_code} -s -o asn.mmdb.gz https://download.db-ip.com/free/dbip-asn-lite-$(date +%Y-%m).mmdb.gz 2> /dev/null` || CURL_RETURN_CODE=$?
- if [ ${CURL_RETURN_CODE} -ne 0 ]; then
+ if [ ${CURL_RETURN_CODE} -ne 0 ]; then
echo "Curl connection failed when downloading asn-lite mmdb file with return code - ${CURL_RETURN_CODE}"
exit 1
else
@@ -37,7 +37,7 @@ jobs:
fi
CURL_RETURN_CODE=0
CURL_OUTPUT=`curl -w httpcode=%{http_code} -s -o country.mmdb.gz https://download.db-ip.com/free/dbip-country-lite-$(date +%Y-%m).mmdb.gz 2> /dev/null` || CURL_RETURN_CODE=$?
- if [ ${CURL_RETURN_CODE} -ne 0 ]; then
+ if [ ${CURL_RETURN_CODE} -ne 0 ]; then
echo "Curl connection failed when downloading country-lite mmdb file with return code - ${CURL_RETURN_CODE}"
exit 1
else
diff --git a/.github/workflows/push-github.yml b/.github/workflows/push-github.yml
index 8b564c8e..e0e2a862 100644
--- a/.github/workflows/push-github.yml
+++ b/.github/workflows/push-github.yml
@@ -56,7 +56,7 @@ jobs:
body: |
Documentation : https://docs.bunkerweb.io/${{ inputs.VERSION }}/
- Docker tags :
+ Docker tags :
- BunkerWeb : `bunkerity/bunkerweb:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb:${{ inputs.VERSION }}`
- Scheduler : `bunkerity/bunkerweb-scheduler:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb-scheduler:${{ inputs.VERSION }}`
- Autoconf : `bunkerity/bunkerweb-autoconf:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb-autoconf:${{ inputs.VERSION }}`
@@ -64,7 +64,7 @@ jobs:
Linux packages : https://packagecloud.io/app/bunkerity/bunkerweb/search?q=${{ inputs.VERSION }}&filter=all&dist=
- Changelog :
+ Changelog :
${{ steps.getchangelog.outputs.content }}
draft: true
prerelease: ${{ inputs.PRERELEASE }}
@@ -82,7 +82,7 @@ jobs:
Documentation : https://docs.bunkerweb.io/${{ inputs.VERSION }}/
- Docker tags :
+ Docker tags :
- BunkerWeb : `bunkerity/bunkerweb:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb:${{ inputs.VERSION }}`
- Scheduler : `bunkerity/bunkerweb-scheduler:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb-scheduler:${{ inputs.VERSION }}`
- Autoconf : `bunkerity/bunkerweb-autoconf:${{ inputs.VERSION }}` or `ghcr.io/bunkerity/bunkerweb-autoconf:${{ inputs.VERSION }}`
diff --git a/.github/workflows/staging-tests.yml b/.github/workflows/staging-tests.yml
index 71171b8a..27d3a4fa 100644
--- a/.github/workflows/staging-tests.yml
+++ b/.github/workflows/staging-tests.yml
@@ -50,7 +50,7 @@ jobs:
if: inputs.TYPE == 'k8s'
- run: |
echo "$SECRET_KEY" > /tmp/.secret_key
- openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -pbkdf2 -iter 100000 -md sha256 -pass file:/tmp/.secret_key -out /tmp/terraform.tar
+ openssl enc -d -in /tmp/terraform.tar.enc -aes-256-cbc -pbkdf2 -iter 100000 -md sha256 -pass file:/tmp/.secret_key -out /tmp/terraform.tar
rm -f /tmp/.secret_key
tar xf /tmp/terraform.tar -C /
mkdir /tmp/reg
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 00000000..1c93f580
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,18 @@
+# See https://pre-commit.com for more information
+# See https://pre-commit.com/hooks.html for more hooks
+exclude: (^LICENSE.md$|^src/VERSION$|^src/(deps/src/|common/core/modsecurity/files/coreruleset/|ui/static/js/(editor/|utils/purify/|tsparticles\.bundle\.min\.js))|\.(svg|drawio|patch\d?|ascii|pem|tf|tftpl)$)
+repos:
+ - repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.4.0
+ hooks:
+ - id: check-case-conflict
+ - id: detect-private-key
+ - id: end-of-file-fixer
+ - id: requirements-txt-fixer
+ - id: trailing-whitespace
+
+ - repo: https://github.com/ambv/black
+ rev: 23.9.1
+ hooks:
+ - id: black
+ language_version: python3.9
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3c5e42fc..b8323adc 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,6 @@
# Changelog
-## v1.5.3 -
+## v1.5.3 -
- [BUGFIX] Fix BunkerWeb not loading his own settings after a docker restart
- [BUGFIX] Fix Custom configs not following the service name after an update on the UI
diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md
index a7fc73ed..d24a0dff 100644
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@@ -125,4 +125,4 @@ enforcement ladder](https://github.com/mozilla/diversity).
For answers to common questions about this code of conduct, see the FAQ at
https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
\ No newline at end of file
+https://www.contributor-covenant.org/translations.
diff --git a/README.md b/README.md
index 0d02d3ff..2ae3e5dc 100644
--- a/README.md
+++ b/README.md
@@ -19,13 +19,13 @@
📓 Documentation
- |
+ |
👨💻 Demo
- |
+ |
🛡️ Examples
- |
+ |
💬 Chat
- |
+ |
📝 Forum
|
⚙️ Configurator
@@ -142,7 +142,7 @@ Another core component of BunkerWeb is the ModSecurity Web Application Firewall
State of the current configuration of BunkerWeb is stored in a backend database which contains the following data :
- Settings defined for all the services
-- Custom configurations
+- Custom configurations
- BunkerWeb instances
- Metadata about jobs execution
- Cached files
@@ -355,3 +355,8 @@ If you would like to contribute to the plugins you can read the [contributing gu
# Security policy
We take security bugs as serious issues and encourage responsible disclosure, see our [security policy](./SECURITY.md) for more information.
+
+
+# Stargazers over time
+
+[![Stargazers over time](https://starchart.cc/bunkerity/bunkerweb.svg)](https://starchart.cc/bunkerity/bunkerweb)
diff --git a/SECURITY.md b/SECURITY.md
index 4727f3b5..f1679de3 100644
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -14,4 +14,4 @@ Here is a non-exhaustive list of issues we consider as high risk :
## Bounty
-To encourage responsible disclosure, we may reward you with a bounty at the sole discretion of the maintainers.
\ No newline at end of file
+To encourage responsible disclosure, we may reward you with a bounty at the sole discretion of the maintainers.
diff --git a/docs/concepts.md b/docs/concepts.md
index 4410c539..4c4cce88 100644
--- a/docs/concepts.md
+++ b/docs/concepts.md
@@ -143,4 +143,4 @@ In essence, the scheduler serves as the brain of BunkerWeb, orchestrating variou
Depending on the integration approach, the execution environment of the scheduler may differ. In container-based integrations, the scheduler is executed within its dedicated container, providing isolation and flexibility. On the other hand, for Linux-based integrations, the scheduler is self-contained within the bunkerweb service, simplifying the deployment and management process.
-By employing the scheduler, BunkerWeb streamlines the automation and coordination of essential tasks, enabling efficient and reliable operation of the entire system.
\ No newline at end of file
+By employing the scheduler, BunkerWeb streamlines the automation and coordination of essential tasks, enabling efficient and reliable operation of the entire system.
diff --git a/docs/integrations.md b/docs/integrations.md
index 2ab99ff7..59bc08ef 100644
--- a/docs/integrations.md
+++ b/docs/integrations.md
@@ -136,15 +136,15 @@ volumes:
```
For example, if you have a value of **100000**, the mapped UID/GID will be **100100** (100000 + 100) :
-
+
```shell
mkdir bw-data && \
sudo chgrp 100100 bw-data && \
chmod 770 bw-data
```
-
+
Or if the folder already exists :
-
+
```shell
sudo chgrp -R 100100 bw-data && \
chmod -R 770 bw-data
@@ -188,7 +188,7 @@ By default, BunkerWeb container is listening (inside the container) on **8080/tc
!!! warning "Privileged ports in rootless mode or when using podman"
If you are using [Docker in rootless mode](https://docs.docker.com/engine/security/rootless) and want to redirect privileged ports (< 1024) like 80 and 443 to BunkerWeb, please refer to the prerequisites [here](https://docs.docker.com/engine/security/rootless/#exposing-privileged-ports).
-
+
If you are using [podman](https://podman.io/) you can lower the minimum number for unprivileged ports :
```shell
sudo sysctl net.ipv4.ip_unprivileged_port_start=1
@@ -465,7 +465,7 @@ As for the database volume, the documentation does not specify a specific approa
!!! info "Database backend"
Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.2/misc/integrations) folder of the repository for more information.
-
+
Clustered database backends setup are out-of-the-scope of this documentation.
Here is the stack boilerplate that you can deploy using `docker stack deploy` :
@@ -638,7 +638,7 @@ Given the presence of multiple BunkerWeb instances, it is necessary to establish
!!! info "Database backend"
Please be aware that our instructions assume you are using MariaDB as the default database backend, as configured by the `DATABASE_URI` setting. However, we understand that you may prefer to utilize alternative backends for your Docker integration. If that is the case, rest assured that other database backends are still possible. See docker-compose files in the [misc/integrations folder](https://github.com/bunkerity/bunkerweb/tree/v1.5.2/misc/integrations) folder of the repository for more information.
-
+
Clustered database backends setup are out-of-the-scope of this documentation.
Please ensure that both the scheduler and autoconf services have access to the Kubernetes API. It is recommended to utilize [RBAC authorization](https://kubernetes.io/docs/reference/access-authn-authz/rbac/) for this purpose.
@@ -985,7 +985,7 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
sudo apt update && \
sudo apt install -y bunkerweb=1.5.2
```
-
+
To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command :
```shell
@@ -1022,7 +1022,7 @@ To simplify the installation process, Linux package repositories for BunkerWeb a
sudo apt update && \
sudo apt install -y bunkerweb=1.5.2
```
-
+
To prevent upgrading NGINX and/or BunkerWeb packages when executing `apt upgrade`, you can use the following command :
```shell
@@ -1188,7 +1188,7 @@ the configuration of BunkerWeb is done by using specific role variables :
List of supported providers :
-- virtualbox
+- virtualbox
- libvirt
!!! note "Supported Base Images"
@@ -1253,4 +1253,4 @@ Vagrant.configure("2") do |config|
# For libvirt
# config.vm.provider "libvirt"
end
-```
\ No newline at end of file
+```
diff --git a/docs/migrating.md b/docs/migrating.md
index 6d67d57a..b2b0434e 100644
--- a/docs/migrating.md
+++ b/docs/migrating.md
@@ -38,4 +38,4 @@ See the list of [redis settings](settings.md#redis) and the corresponding docume
## Default values and new settings
-The default value of some settings have changed and we have added many other settings, we recommend you read the [security tuning](security-tuning.md) and [settings](settings.md) sections of the documentation.
\ No newline at end of file
+The default value of some settings have changed and we have added many other settings, we recommend you read the [security tuning](security-tuning.md) and [settings](settings.md) sections of the documentation.
diff --git a/docs/misc/pdf.js b/docs/misc/pdf.js
index 23ef1c29..5314dfc0 100644
--- a/docs/misc/pdf.js
+++ b/docs/misc/pdf.js
@@ -13,7 +13,7 @@ console.log('Saving', url, 'to', pdfPath);
// totalPages – total pages in the document
headerHtml = `
- ${title}
+ ${title}
`;
footerHtml = ` /
`;
@@ -46,4 +46,4 @@ footerHtml = `
-{% endblock %}
\ No newline at end of file
+{% endblock %}
diff --git a/docs/plugins.md b/docs/plugins.md
index ccb84666..cad2e93e 100644
--- a/docs/plugins.md
+++ b/docs/plugins.md
@@ -218,7 +218,7 @@ The first step is to install the plugin by putting the plugin files inside the c
=== "Ansible"
When using the [Ansible integration](integrations.md#ansible), you can use the `plugins` variable to set a local folder containing your plugins that will be copied to your BunkerWeb instances.
-
+
Let's assume that you have plugins inside the `bunkerweb-plugins` folder :
```shell
@@ -231,7 +231,7 @@ The first step is to install the plugin by putting the plugin files inside the c
[mybunkers]
192.168.0.42 ... custom_plugins="{{ playbook_dir }}/bunkerweb-plugins"
```
-
+
Or alternatively, in your playbook file :
```yaml
diff --git a/docs/quickstart-guide.md b/docs/quickstart-guide.md
index 55a404dd..3b36042e 100644
--- a/docs/quickstart-guide.md
+++ b/docs/quickstart-guide.md
@@ -280,7 +280,7 @@ You will find more settings about reverse proxy in the [settings section](settin
[mybunkers]
192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env"
```
-
+
Or alternatively, in your playbook file :
```yaml
@@ -355,7 +355,7 @@ You will find more settings about reverse proxy in the [settings section](settin
```shell
curl -H "Host: app1.example.com" http://ip-or-fqdn-of-server
```
-
+
If you are using HTTPS, you will need to play with SNI :
```shell
@@ -716,7 +716,7 @@ You will find more settings about reverse proxy in the [settings section](settin
[mybunkers]
192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env"
```
-
+
Or alternatively, in your playbook file :
```yaml
@@ -1226,7 +1226,7 @@ For complete list of settings regarding `stream` mode, please refer to the [sett
- 80:8080 # Keep it if you want to use Let's Encrypt automation
- 10000:10000 # app1
- 20000:20000 # app2
-
+
...
```
@@ -1450,14 +1450,14 @@ Some integrations provide more convenient ways to apply configurations, such as
=== "Docker"
When using the [Docker integration](integrations.md#docker), you have two choices for the addition of custom configurations :
-
+
- Using specific settings `*_CUSTOM_CONF_*` as environment variables (recommended)
- Writing .conf files to the volume mounted on /data of the scheduler
-
+
**Using settings**
-
+
The settings to use must follow the pattern `_CUSTOM_CONF__` :
-
+
- `` : optional primary server name if multisite mode is enabled and the config must be applied to a specific service
- `` : the type of config, accepted values are `HTTP`, `DEFAULT_SERVER_HTTP`, `SERVER_HTTP`, `MODSEC`, `MODSEC_CRS`, `STREAM` and `SERVER_STREAM`
- `` : the name of config without the .conf suffix
@@ -1529,9 +1529,9 @@ Some integrations provide more convenient ways to apply configurations, such as
When using labels with the Docker autoconf integration, you can only apply custom configurations for the corresponding web service. Applying **http**, **default-server-http**, **stream** or any global configurations (like **server-http** or **server-stream** for all services) is not possible : you will need to mount files for that purpose.
The labels to use must follow the pattern `bunkerweb.CUSTOM_CONF__` :
-
+
- `` : the type of config, accepted values are `SERVER_HTTP`, `MODSEC`, `MODSEC_CRS` and `SERVER_STREAM`
- - `` : the name of config without the .conf suffix
+ - `` : the name of config without the .conf suffix
Here is a dummy example using a docker-compose file :
@@ -1553,13 +1553,13 @@ Some integrations provide more convenient ways to apply configurations, such as
**Using files**
The first thing to do is to create the folders :
-
+
```shell
mkdir -p ./bw-data/configs/server-http
```
You can now write your configurations :
-
+
```shell
echo "location /hello {
default_type 'text/plain';
@@ -1568,7 +1568,7 @@ Some integrations provide more convenient ways to apply configurations, such as
}
}" > ./bw-data/configs/server-http/hello-world.conf
```
-
+
Because the scheduler runs as an unprivileged user with UID and GID 101, you will need to edit the permissions :
```shell
@@ -1906,7 +1906,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
find ./www -type f -exec chmod 0640 {} \; && \
find ./www -type d -exec chmod 0750 {} \;
```
-
+
When you start the BunkerWeb autoconf stack, mount the `www` folder into `/var/www/html` for the BunkerWeb container :
```yaml
@@ -2064,7 +2064,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
find /shared/www -type f -exec chmod 0640 {} \; && \
find /shared/www -type d -exec chmod 0750 {} \;
```
-
+
When you start the BunkerWeb stack, mount the `/shared/www` folder into `/var/www/html` for the BunkerWeb container :
```yaml
@@ -2249,14 +2249,14 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
app3.example.com_LOCAL_PHP=/run/php/php-fpm.sock
app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com
```
-
+
The `custom_site` variable can be used to specify a directory containing your application files (e.g : `www`) that will be copied to `/var/www/html` and the `custom_www_owner` variable contains the owner that should be set for the files and folders. Here is an example using the Ansible inventory (replace `www-data` with the user running the PHP-FPM service):
```ini
[mybunkers]
192.168.0.42 variables_env="{{ playbook_dir }}/my_variables.env" custom_www="{{ playbook_dir }}/my_app" custom_www_owner="www-data"
```
-
+
Or alternatively, in your playbook file :
```yaml
@@ -2354,7 +2354,7 @@ By default, BunkerWeb will only listen on IPv4 adresses and won't use IPv6 for n
image: bunkerity/bunkerweb:1.5.2
environment:
- USE_IPv6=yes
-
+
...
networks:
@@ -2399,7 +2399,7 @@ By default, BunkerWeb will only listen on IPv4 adresses and won't use IPv6 for n
image: bunkerity/bunkerweb:1.5.2
environment:
- USE_IPv6=yes
-
+
...
networks:
@@ -2410,6 +2410,6 @@ By default, BunkerWeb will only listen on IPv4 adresses and won't use IPv6 for n
config:
- subnet: fd00:13:37::/48
gateway: fd00:13:37::1
-
+
...
- ```
\ No newline at end of file
+ ```
diff --git a/docs/requirements.in b/docs/requirements.in
index f1d804fc..e519d9a1 100644
--- a/docs/requirements.in
+++ b/docs/requirements.in
@@ -2,4 +2,4 @@ mkdocs==1.5.3
mkdocs-material==9.4.2
pytablewriter==1.1.0
mike==1.1.2
-mkdocs-print-site-plugin==2.3.6
\ No newline at end of file
+mkdocs-print-site-plugin==2.3.6
diff --git a/docs/requirements.txt b/docs/requirements.txt
index b2306d8c..ac84df06 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -431,6 +431,12 @@ regex==2023.8.8 \
requests==2.31.0 \
--hash=sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f \
--hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1
+ # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+setuptools==68.2.2 \
+ --hash=sha256:4ac1475276d2f1c48684874089fefcd83bd7162ddaafb81fac866ba0db282a87 \
+ --hash=sha256:b454a35605876da60632df1a60f736524eb73cc47bbc9f3f1ef1b644de74fd2a
# via mkdocs-material
six==1.16.0 \
--hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \
@@ -491,10 +497,4 @@ watchdog==3.0.0 \
zipp==3.17.0 \
--hash=sha256:0e923e726174922dce09c53c59ad483ff7bbb8e572e00c7f7c46b88556409f31 \
--hash=sha256:84e64a1c28cf7e91ed2078bb8cc8c259cb19b76942096c8d7b84947690cabaf0
- # via importlib-metadata
-
-# The following packages are considered to be unsafe in a requirements file:
-setuptools==68.2.2 \
- --hash=sha256:4ac1475276d2f1c48684874089fefcd83bd7162ddaafb81fac866ba0db282a87 \
- --hash=sha256:b454a35605876da60632df1a60f736524eb73cc47bbc9f3f1ef1b644de74fd2a
# via pytablewriter
diff --git a/docs/robots.txt b/docs/robots.txt
index 3a6a4a47..ace58387 100644
--- a/docs/robots.txt
+++ b/docs/robots.txt
@@ -1,4 +1,4 @@
User-agent: *
Allow: /latest/
-Sitemap: https://docs.bunkerweb.io/latest/sitemap.xml
\ No newline at end of file
+Sitemap: https://docs.bunkerweb.io/latest/sitemap.xml
diff --git a/docs/settings.md b/docs/settings.md
index 051a63d8..4ee85745 100644
--- a/docs/settings.md
+++ b/docs/settings.md
@@ -539,4 +539,3 @@ Allow access based on internal and external IP/network/rDNS/ASN whitelists.
|`WHITELIST_USER_AGENT_URLS`| |global |no |List of URLs, separated with spaces, containing good User-Agent to whitelist. |
|`WHITELIST_URI` | |multisite|no |List of URI (PCRE regex), separated with spaces, to whitelist. |
|`WHITELIST_URI_URLS` | |global |no |List of URLs, separated with spaces, containing bad URI to whitelist. |
-
diff --git a/docs/troubleshooting.md b/docs/troubleshooting.md
index 578c93fd..cc4bfe21 100644
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@@ -273,7 +273,7 @@ You can manually unban an IP which can be useful when doing some tests but it ne
```shell
sudo bwcli unban 1.2.3.4
```
-
+
## Whitelisting
If you have bots that need to access your website, the recommended way to avoid any false positive is to whitelist them using the [whitelisting feature](security-tuning.md#blacklisting-and-whitelisting). We don't recommend using the `WHITELIST_URI*` or `WHITELIST_USER_AGENT*` settings unless they are set to secret and unpredictable values. Common use cases are :
@@ -284,4 +284,4 @@ If you have bots that need to access your website, the recommended way to avoid
## Timezone
-When using container-based integrations, the timezone of the container may not match the one of the host machine. To resolve that, you can set the `TZ` environment variable to the timezone of your choice on your containers (e.g. `TZ=Europe/Paris`). You will find the list of timezone identifers [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
\ No newline at end of file
+When using container-based integrations, the timezone of the container may not match the one of the host machine. To resolve that, you can set the `TZ` environment variable to the timezone of your choice on your containers (e.g. `TZ=Europe/Paris`). You will find the list of timezone identifers [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones#List).
diff --git a/docs/web-ui.md b/docs/web-ui.md
index 4b1c0e55..2477f56a 100644
--- a/docs/web-ui.md
+++ b/docs/web-ui.md
@@ -945,4 +945,4 @@ Because the web UI is a web application, the recommended installation procedure
```shell
systemctl restart bunkerweb
- ```
\ No newline at end of file
+ ```
diff --git a/examples/authelia/variables.env b/examples/authelia/variables.env
index 96a565ed..04c39eb9 100644
--- a/examples/authelia/variables.env
+++ b/examples/authelia/variables.env
@@ -30,4 +30,4 @@ app2.example.com_REVERSE_PROXY_HOST=http://app2.example.com
app2.example.com_REVERSE_PROXY_AUTH_REQUEST=/authelia
app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL=https://auth.example.com/?rd=$scheme%3A%2F%2F$host$request_uri
app2.example.com_REVERSE_PROXY_AUTH_REQUEST_SET=$user $upstream_http_remote_user;$groups $upstream_http_remote_groups;$name $upstream_http_remote_name;$email $upstream_http_remote_email
-app2.example.com_REVERSE_PROXY_HEADERS=Remote-User $user;Remote-Groups $groups;Remote-Name $name;Remote-Email $email
\ No newline at end of file
+app2.example.com_REVERSE_PROXY_HEADERS=Remote-User $user;Remote-Groups $groups;Remote-Name $name;Remote-Email $email
diff --git a/examples/authentik/.env b/examples/authentik/.env
index 464014c7..1f5456b8 100644
--- a/examples/authentik/.env
+++ b/examples/authentik/.env
@@ -2,4 +2,4 @@ PG_PASS=changeme
AUTHENTIK_SECRET_KEY=changeme
AUTHENTIK_COOKIE_DOMAIN=example.com
AUTHENTIK_BOOTSTRAP_PASSWORD=changeme
-AUTHENTIK_BOOTSTRAP_TOKEN=changeme
\ No newline at end of file
+AUTHENTIK_BOOTSTRAP_TOKEN=changeme
diff --git a/examples/behind-reverse-proxy/setup-linux.sh b/examples/behind-reverse-proxy/setup-linux.sh
index ae1baf25..0edd7a72 100755
--- a/examples/behind-reverse-proxy/setup-linux.sh
+++ b/examples/behind-reverse-proxy/setup-linux.sh
@@ -21,4 +21,4 @@ systemctl stop bunkerweb
systemctl stop haproxy
systemctl start haproxy
-echo "hello" > /var/www/html/index.html
\ No newline at end of file
+echo "hello" > /var/www/html/index.html
diff --git a/examples/behind-reverse-proxy/variables.env b/examples/behind-reverse-proxy/variables.env
index bf34f304..a7ae9b03 100644
--- a/examples/behind-reverse-proxy/variables.env
+++ b/examples/behind-reverse-proxy/variables.env
@@ -3,4 +3,4 @@ DNS_RESOLVERS=8.8.8.8 8.8.4.4
SERVER_NAME=www.example.com
# real IP settings
USE_REAL_IP=yes
-REAL_IP_FROM=127.0.0.0/8
\ No newline at end of file
+REAL_IP_FROM=127.0.0.0/8
diff --git a/examples/bigbluebutton/docker-compose.yml b/examples/bigbluebutton/docker-compose.yml
index f0622f0e..7063403d 100644
--- a/examples/bigbluebutton/docker-compose.yml
+++ b/examples/bigbluebutton/docker-compose.yml
@@ -84,4 +84,4 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
- bw-docker:
\ No newline at end of file
+ bw-docker:
diff --git a/examples/certbot-dns-ovh/entrypoint.sh b/examples/certbot-dns-ovh/entrypoint.sh
index 0283814c..9276028f 100644
--- a/examples/certbot-dns-ovh/entrypoint.sh
+++ b/examples/certbot-dns-ovh/entrypoint.sh
@@ -20,4 +20,4 @@ chown -R 0:101 /etc/letsencrypt && chmod -R 770 /etc/letsencrypt
echo "Certbot ended, sleeping for 24 hours"
-sleep 86400
\ No newline at end of file
+sleep 86400
diff --git a/examples/cors/setup-autoconf.sh b/examples/cors/setup-autoconf.sh
index d759cf0f..3d7eb0a5 100755
--- a/examples/cors/setup-autoconf.sh
+++ b/examples/cors/setup-autoconf.sh
@@ -7,4 +7,4 @@ fi
chown -R 33:101 ./www
find ./www -type f -exec chmod 0640 {} \;
-find ./www -type d -exec chmod 0750 {} \;
\ No newline at end of file
+find ./www -type d -exec chmod 0750 {} \;
diff --git a/examples/cors/setup-docker.sh b/examples/cors/setup-docker.sh
index d759cf0f..3d7eb0a5 100755
--- a/examples/cors/setup-docker.sh
+++ b/examples/cors/setup-docker.sh
@@ -7,4 +7,4 @@ fi
chown -R 33:101 ./www
find ./www -type f -exec chmod 0640 {} \;
-find ./www -type d -exec chmod 0750 {} \;
\ No newline at end of file
+find ./www -type d -exec chmod 0750 {} \;
diff --git a/examples/cors/setup-linux.sh b/examples/cors/setup-linux.sh
index bbe51bae..aa048e8e 100755
--- a/examples/cors/setup-linux.sh
+++ b/examples/cors/setup-linux.sh
@@ -16,4 +16,4 @@ fi
cp -r ./www/* /var/www/html
chown -R $user:nginx /var/www/html
find /var/www/html -type f -exec chmod 0640 {} \;
-find /var/www/html -type d -exec chmod 0750 {} \;
\ No newline at end of file
+find /var/www/html -type d -exec chmod 0750 {} \;
diff --git a/examples/cors/variables.env b/examples/cors/variables.env
index a9558a60..db25d7dc 100644
--- a/examples/cors/variables.env
+++ b/examples/cors/variables.env
@@ -16,4 +16,4 @@ app1.example.com_LOCAL_PHP_PATH=/var/www/html/app1.example.com
app2.example.com_LOCAL_PHP=/run/php/php-fpm.sock
app2.example.com_LOCAL_PHP_PATH=/var/www/html/app2.example.com
app3.example.com_LOCAL_PHP=/run/php/php-fpm.sock
-app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com
\ No newline at end of file
+app3.example.com_LOCAL_PHP_PATH=/var/www/html/app3.example.com
diff --git a/examples/drupal/bw-data/configs/modsec-crs/drupal.conf b/examples/drupal/bw-data/configs/modsec-crs/drupal.conf
index 24802a41..da9441ef 100644
--- a/examples/drupal/bw-data/configs/modsec-crs/drupal.conf
+++ b/examples/drupal/bw-data/configs/modsec-crs/drupal.conf
@@ -4,4 +4,4 @@ SecAction \
nolog,\
pass,\
t:none,\
- setvar:tx.crs_exclusions_drupal=1"
\ No newline at end of file
+ setvar:tx.crs_exclusions_drupal=1"
diff --git a/examples/drupal/setup-swarm.sh b/examples/drupal/setup-swarm.sh
index 063f6d72..a62cfc60 100755
--- a/examples/drupal/setup-swarm.sh
+++ b/examples/drupal/setup-swarm.sh
@@ -10,4 +10,4 @@
docker config rm cfg_drupal_modsec_crs
# create configs
-docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_drupal_modsec_crs ./bw-data/configs/modsec-crs/drupal.conf
\ No newline at end of file
+docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_drupal_modsec_crs ./bw-data/configs/modsec-crs/drupal.conf
diff --git a/examples/drupal/variables.env b/examples/drupal/variables.env
index 23ec3d46..e2ad8014 100644
--- a/examples/drupal/variables.env
+++ b/examples/drupal/variables.env
@@ -10,4 +10,4 @@ USE_GZIP=yes
LIMIT_REQ_URL_1=/core/install.php
LIMIT_REQ_RATE_1=5r/s
LOCAL_PHP=/run/php/php-fpm.sock
-LOCAL_PHP_PATH=/var/www/html
\ No newline at end of file
+LOCAL_PHP_PATH=/var/www/html
diff --git a/examples/gogs/bw-data/configs/modsec-crs/gogs.conf b/examples/gogs/bw-data/configs/modsec-crs/gogs.conf
index 027241cb..f6f11c02 100644
--- a/examples/gogs/bw-data/configs/modsec-crs/gogs.conf
+++ b/examples/gogs/bw-data/configs/modsec-crs/gogs.conf
@@ -4,4 +4,4 @@ SecAction \
nolog,\
pass,\
t:none,\
- setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
\ No newline at end of file
+ setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
diff --git a/examples/gogs/setup-swarm.sh b/examples/gogs/setup-swarm.sh
index 6bcabb2c..5266d70e 100755
--- a/examples/gogs/setup-swarm.sh
+++ b/examples/gogs/setup-swarm.sh
@@ -10,4 +10,4 @@
docker config rm cfg_gogs_modsec_crs
# create configs
-docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_gogs_modsec_crs ./bw-data/configs/modsec-crs/gogs.conf
\ No newline at end of file
+docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_gogs_modsec_crs ./bw-data/configs/modsec-crs/gogs.conf
diff --git a/examples/joomla/variables.env b/examples/joomla/variables.env
index 0fd50b4a..bad26da3 100644
--- a/examples/joomla/variables.env
+++ b/examples/joomla/variables.env
@@ -12,4 +12,4 @@ LIMIT_REQ_RATE_1=8r/s
LIMIT_REQ_URL_2=/installation/index.php
LIMIT_REQ_RATE_2=8r/s
LOCAL_PHP=/run/php/php-fpm.sock
-LOCAL_PHP_PATH=/var/www/html
\ No newline at end of file
+LOCAL_PHP_PATH=/var/www/html
diff --git a/examples/magento/setup-swarm.sh b/examples/magento/setup-swarm.sh
index d2aa8961..21c47b21 100755
--- a/examples/magento/setup-swarm.sh
+++ b/examples/magento/setup-swarm.sh
@@ -10,4 +10,4 @@
docker config rm cfg_magento_server_http
# create configs
-docker config create -l bunkerweb.CONFIG_TYPE=server-http -l bunkerweb.CONFIG_SITE=www.example.com cfg_magento_server_http ./bw-data/configs/server-http/buffering.conf
\ No newline at end of file
+docker config create -l bunkerweb.CONFIG_TYPE=server-http -l bunkerweb.CONFIG_SITE=www.example.com cfg_magento_server_http ./bw-data/configs/server-http/buffering.conf
diff --git a/examples/mongo-express/bw-data/configs/modsec/mongo-express.conf b/examples/mongo-express/bw-data/configs/modsec/mongo-express.conf
index 4a43bc4d..a992d086 100644
--- a/examples/mongo-express/bw-data/configs/modsec/mongo-express.conf
+++ b/examples/mongo-express/bw-data/configs/modsec/mongo-express.conf
@@ -1 +1 @@
-SecRule REQUEST_FILENAME "@rx ^/db" "id:1,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"
\ No newline at end of file
+SecRule REQUEST_FILENAME "@rx ^/db" "id:1,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"
diff --git a/examples/mongo-express/setup-swarm.sh b/examples/mongo-express/setup-swarm.sh
index 1b62e7ac..e8a7f6f6 100755
--- a/examples/mongo-express/setup-swarm.sh
+++ b/examples/mongo-express/setup-swarm.sh
@@ -10,4 +10,4 @@
docker config rm cfg_me_modsec
# create configs
-docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_me_modsec ./bw-data/configs/modsec/mongo-express.conf
\ No newline at end of file
+docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_me_modsec ./bw-data/configs/modsec/mongo-express.conf
diff --git a/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf b/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf
index 0f57eb89..bbe63e41 100644
--- a/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf
+++ b/examples/nextcloud/bw-data/configs/modsec/nextcloud.conf
@@ -1 +1 @@
-SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
\ No newline at end of file
+SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
diff --git a/examples/nextcloud/setup-swarm.sh b/examples/nextcloud/setup-swarm.sh
index bfe39b83..7f1079a5 100755
--- a/examples/nextcloud/setup-swarm.sh
+++ b/examples/nextcloud/setup-swarm.sh
@@ -12,4 +12,4 @@ docker config rm cfg_nextcloud_modsec_crs
# create configs
docker config create -l bunkerweb.CONFIG_TYPE=modsec -l bunkerweb.CONFIG_SITE=www.example.com cfg_nextcloud_modsec ./bw-data/configs/modsec/nextcloud.conf
-docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_nextcloud_modsec_crs ./bw-data/configs/modsec-crs/nextcloud.conf
\ No newline at end of file
+docker config create -l bunkerweb.CONFIG_TYPE=modsec-crs -l bunkerweb.CONFIG_SITE=www.example.com cfg_nextcloud_modsec_crs ./bw-data/configs/modsec-crs/nextcloud.conf
diff --git a/examples/nextcloud/variables.env b/examples/nextcloud/variables.env
index 814bfa03..8a0f79b8 100644
--- a/examples/nextcloud/variables.env
+++ b/examples/nextcloud/variables.env
@@ -16,4 +16,4 @@ LIMIT_REQ_RATE_1=5r/s
LIMIT_REQ_URL_2=/apps/text/session/sync
LIMIT_REQ_RATE_2=8r/s
LIMIT_REQ_URL_3=/core/preview
-LIMIT_REQ_RATE_3=5r/s
\ No newline at end of file
+LIMIT_REQ_RATE_3=5r/s
diff --git a/examples/php-cookie-flags/setup-linux.sh b/examples/php-cookie-flags/setup-linux.sh
index 8d69ed38..ade3fe90 100755
--- a/examples/php-cookie-flags/setup-linux.sh
+++ b/examples/php-cookie-flags/setup-linux.sh
@@ -17,4 +17,4 @@ fi
cp -r ./www/* /var/www/html
chown -R $user:nginx /var/www/html
find /var/www/html -type f -exec chmod 0640 {} \;
-find /var/www/html -type d -exec chmod 0750 {} \;
\ No newline at end of file
+find /var/www/html -type d -exec chmod 0750 {} \;
diff --git a/examples/php-cookie-flags/www/index.php b/examples/php-cookie-flags/www/index.php
index 544b97c6..547b1e9a 100644
--- a/examples/php-cookie-flags/www/index.php
+++ b/examples/php-cookie-flags/www/index.php
@@ -17,4 +17,4 @@ if(!isset($_COOKIE[$cookie_name])) {
?>