librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

tests - add delay parameter

This commit is contained in:
bunkerity 2022-07-27 14:44:46 +02:00
parent d648b1fbea
commit 216686fc8c
No known key found for this signature in database
GPG Key ID: 3D80806F12602A7C
9 changed files with 65 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
docs/plugins.md
View File

@ -120,16 +120,33 @@ The first step is to install the plugin by putting the plugin files inside the c
```
=== "Ansible"
When using the [Ansible integration](/1.4/integrations/#ansible), plugins must be written to the varaibles `plugins` within your Ansible inventory. :
When using the [Ansible integration](/1.4/integrations/#ansible), you can use the `plugins` variable to set a local folder containing your plugins that will be copied to your BunkerWeb instances.
Let's assume that you have plugins inside the `bunkerweb-plugins` folder :
```shell
git clone https://github.com/bunkerity/bunkerweb-plugins
```
In your Ansible inventory, you can use the `plugins` variable to set the path of plugins folder :
```ini
[all]
"Your_IP"
[all:vars]
plugins="PathToYourPlugins"
[mybunkers]
192.168.0.42 ... plugins="{{ playbook_dir }}/bunkerweb-plugins"
```
Or alternatively, in your playbook file :
```yaml
- hosts: all
become: true
vars:
- variables_env: "{{ playbook_dir }}/my_variables.env"
roles:
- bunkerweb
```
When a plugin is installed, you are ready to use it, please refer to the plugin documentation for more information.
Run the playbook :
```shell
ansible-playbook -i inventory.yml playbook.yml
```
## Writing a plugin

20
docs/troubleshooting.md
View File

@ -86,6 +86,19 @@ Here is how you can access the logs depending on your integration :
cat /var/log/nginx/access.log
```
=== "Ansible"
For errors related to BunkerWeb services (e.g. not starting), you can use `journalctl` :
```shell
ansible -i inventory.yml all -a "journalctl -u bunkerweb --no-pager" --become
```
Common logs are located inside the `/var/log/nginx` directory :
```shell
ansible -i inventory.yml all -a "cat /var/log/nginx/error.log" --become
ansible -i inventory.yml all -a "cat /var/log/nginx/access.log" --become
```
## Permissions
Don't forget that BunkerWeb runs as an unprivileged user for obvious security reasons. Double-check the permissions of files and folders used by BunkerWeb especially if you use custom configurations (more info [here](/1.4/quickstart-guide/#custom-configurations)). You will need to set at least **RW** rights on files and **_RWX_** on folders.
@ -234,6 +247,13 @@ You can manually unban an IP which can be useful when doing some tests but it ne
sudo bwcli unban 1.2.3.4
```
=== "Ansible"
You can use the `bwcli` command :
```shell
ansible -i inventory.yml all -a "bwcli unban 1.2.3.4" --become
```
## Whitelisting
If you have bots that need to access your website, the recommended way to avoid any false positive is to whitelist it using the [whitelisting feature](/1.4/security-tuning/#blacklisting-and-whitelisting). We don't recommend using the `WHITELIST_URI*` or `WHITELIST_USER_AGENT*` settings unless they are set to secret and unpredictable values. Common use cases are :

1
examples/ghost/tests.json
View File

@ -8,6 +8,7 @@
"linux"
],
"timeout": 60,
"delay": 30,
"tests": [
{
"type": "string",

4
tests/AutoconfTest.py
View File

@ -9,8 +9,8 @@ from logger import log
class AutoconfTest(Test) :
def __init__(self, name, timeout, tests, no_copy_container=False) :
super().__init__(name, "autoconf", timeout, tests, no_copy_container=no_copy_container)
def __init__(self, name, timeout, tests, no_copy_container=False, delay=0) :
super().__init__(name, "autoconf", timeout, tests, no_copy_container=no_copy_container, delay=delay)
self._domains = {
r"www\.example\.com": getenv("TEST_DOMAIN1"),
r"auth\.example\.com": getenv("TEST_DOMAIN1"),

4
tests/DockerTest.py
View File

@ -8,8 +8,8 @@ from logger import log
class DockerTest(Test) :
def __init__(self, name, timeout, tests, no_copy_container=False) :
super().__init__(name, "docker", timeout, tests, no_copy_container=no_copy_container)
def __init__(self, name, timeout, tests, no_copy_container=False, delay=0) :
super().__init__(name, "docker", timeout, tests, no_copy_container=no_copy_container, delay=delay)
self._domains = {
r"www\.example\.com": getenv("TEST_DOMAIN1"),
r"auth\.example\.com": getenv("TEST_DOMAIN1"),

4
tests/KubernetesTest.py
View File

@ -9,8 +9,8 @@ from logger import log
class KubernetesTest(Test) :
def __init__(self, name, timeout, tests) :
super().__init__(name, "kubernetes", timeout, tests)
def __init__(self, name, timeout, tests, delay=0) :
super().__init__(name, "kubernetes", timeout, tests, delay=delay)
self._domains = {
r"www\.example\.com": getenv("TEST_DOMAIN1_1"),
r"auth\.example\.com": getenv("TEST_DOMAIN1_2"),

4
tests/SwarmTest.py
View File

@ -9,8 +9,8 @@ from logger import log
class SwarmTest(Test) :
def __init__(self, name, timeout, tests) :
super().__init__(name, "swarm", timeout, tests)
def __init__(self, name, timeout, tests, delay=0) :
super().__init__(name, "swarm", timeout, tests, delay=delay)
self._domains = {
r"www\.example\.com": getenv("TEST_DOMAIN1_1"),
r"auth\.example\.com": getenv("TEST_DOMAIN1_2"),

6
tests/Test.py
View File

@ -13,12 +13,13 @@ from logger import log
class Test(ABC) :
def __init__(self, name, kind, timeout, tests, no_copy_container=False) :
def __init__(self, name, kind, timeout, tests, no_copy_container=False, delay=0) :
self._name = name
self.__kind = kind
self._timeout = timeout
self.__tests = tests
self._no_copy_container = no_copy_container
self.__delay = delay
log("TEST", "", "instiantiated with " + str(len(tests)) + " tests and timeout of " + str(timeout) + "s for " + self._name)
# Class method
@ -73,6 +74,9 @@ class Test(ABC) :
def run_tests(self) :
if not self._setup_test() :
return False
if self.__delay != 0 :
log("TEST", "", "delay is set, sleeping " + str(self.__delay) + "s")
sleep(self.__delay)
start = time()
while time() < start + self._timeout :
all_ok = True

11
tests/main.py
View File

@ -59,16 +59,19 @@ for example in glob("./examples/*") :
continue
test_obj = None
no_copy_container = False
delay = 0
if "no_copy_container" in tests :
no_copy_container = tests["no_copy_container"]
if "delay" in tests :
delay = tests["delay"]
if test_type == "docker" :
test_obj = DockerTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container)
test_obj = DockerTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container, delay=delay)
elif test_type == "autoconf" :
test_obj = AutoconfTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container)
test_obj = AutoconfTest(tests["name"], tests["timeout"], tests["tests"], no_copy_container=no_copy_container, delay=delay)
elif test_type == "swarm" :
test_obj = SwarmTest(tests["name"], tests["timeout"], tests["tests"])
test_obj = SwarmTest(tests["name"], tests["timeout"], tests["tests"], delay=delay)
elif test_type == "kubernetes" :
test_obj = KubernetesTest(tests["name"], tests["timeout"], tests["tests"])
test_obj = KubernetesTest(tests["name"], tests["timeout"], tests["tests"], delay=delay)
elif test_type == "linux" :
test_obj = LinuxTest(tests["name"], tests["timeout"], tests["tests"], distro)
if not test_obj.run_tests() :