librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

autoconf - support both configs from files and autoconf

This commit is contained in:
florian 2022-07-01 21:35:34 +02:00
parent e0a7005062
commit 2dc18a7942
2 changed files with 39 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
autoconf/Config.py
View File

@ -4,8 +4,8 @@ from time import sleep
from subprocess import run, DEVNULL, STDOUT
from glob import glob
from shutil import rmtree
from os import makedirs
from os.path import dirname
from os import makedirs, remove, listdir
from os.path import dirname, isdir
from json import loads
from API import API
@ -93,8 +93,6 @@ class Config(ApiCaller, ConfigCaller) :
def __write_configs(self) :
ret = True
for config_type in self.__configs :
rmtree("/data/configs/" + config_type)
makedirs("/data/configs/" + config_type, exist_ok=True)
for file, data in self.__configs[config_type].items() :
path = "/data/configs/" + config_type + "/" + file
if not path.endswith(".conf") :
@ -112,6 +110,32 @@ class Config(ApiCaller, ConfigCaller) :
ret = False
return ret
def __remove_configs(self) :
ret = True
for config_type in self.__configs :
for file, data in self.__configs[config_type].items() :
path = "/data/configs/" + config_type + "/" + file
if not path.endswith(".conf") :
path += ".conf"
try :
remove(path)
except :
print(format_exc())
log("CONFIG", "", "Can't remove file " + path)
ret = False
check_empty_dirs = []
for type in ["server-http", "modsec", "modsec-crs"] :
check_empty_dirs.extend(glob("/data/configs/" + type + "/*"))
for check_empty_dirs in check_empty_dirs :
if isdir(check_empty_dir) and len(listdir(check_empty_dir)) == 0 :
try :
rmtree(check_empty_dir)
except :
print(format_exc())
log("CONFIG", "", "Can't remove directory " + check_empty_dir)
ret = False
return ret
def apply(self, instances, services, configs=None) :
success = True
@ -163,10 +187,10 @@ class Config(ApiCaller, ConfigCaller) :
if proc.returncode != 0 :
success = False
log("CONFIG", "", "config generator failed, configuration will not work as expected...")
cmd = "chown -R root:101 /etc/nginx"
run(cmd.split(" "), stdin=DEVNULL, stdout=DEVNULL, stderr=STDOUT)
cmd = "chmod -R 770 /etc/nginx"
run(cmd.split(" "), stdin=DEVNULL, stdout=DEVNULL, stderr=STDOUT)
# cmd = "chown -R root:101 /etc/nginx"
# run(cmd.split(" "), stdin=DEVNULL, stdout=DEVNULL, stderr=STDOUT)
# cmd = "chmod -R 770 /etc/nginx"
# run(cmd.split(" "), stdin=DEVNULL, stdout=DEVNULL, stderr=STDOUT)
# send nginx configs
# send data folder
@ -184,6 +208,13 @@ class Config(ApiCaller, ConfigCaller) :
success = False
log("CONFIG", "", "reload failed, configuration will not work as expected...")
# remove autoconf configs
if configs != None :
ret = self.__remove_configs()
if not ret :
success = False
log("CONFIG", "", "removing custom configs failed, configuration will not work as expected...")
return success
def start_scheduler(self) :

12
autoconf/DockerController.py
View File

@ -72,18 +72,6 @@ class DockerController(Controller, ConfigCaller) :
configs = {}
for config_type in self._supported_config_types :
configs[config_type] = {}
# get non-site configs from disk
global_configs = {
"http": glob("/data/configs/http/*.conf"),
"default-server-http": glob("/data/configs/default-server-http/*.conf"),
"server-http": glob("/data/configs/server-http/*.conf"),
"modsec": glob("/data/configs/modsec/*.conf"),
"modsec-crs": glob("/data/configs/modsec-crs/*.conf")
}
for config_type, config_paths in global_configs.items() :
for config_path in config_paths :
with open(config_path) as f :
configs[config_type][basename(config_path)] = f.read()
# get site configs from labels
for container in self.__client.containers.list(filters={"label" : "bunkerweb.SERVER_NAME"}) :
# extract server_name