Merge pull request #507 from bunkerity/dev
Merge branch "dev" into branch "staging"
This commit is contained in:
commit
4d6d95037a
|
@ -39,7 +39,7 @@ jobs:
|
|||
id: scw
|
||||
uses: scaleway/action-scw@bbcfd65cd2af73456ce439088e0d42c1657c4c38
|
||||
with:
|
||||
args: instance server create zone=fr-par-2 type=AMP2-C60 root-volume=block:50GB
|
||||
args: instance server create zone=fr-par-2 type=AMP2-C48 root-volume=block:50GB
|
||||
save-config: true
|
||||
version: v2.13.0
|
||||
access-key: ${{ secrets.SCW_ACCESS_KEY }}
|
||||
|
|
|
@ -69,7 +69,7 @@ Learn more about the core security features in the [security tuning](https://doc
|
|||
## Demo
|
||||
|
||||
<p align="center">
|
||||
<a href="https://www.youtube.com/watch?v=ZhYV-QELzA4" target="_blank"><img alt="BunkerWeb demo" src="https://yt-embed.herokuapp.com/embed?v=ZhYV-QELzA4" /></a>
|
||||
<a href="https://www.youtube.com/watch?v=ZhYV-QELzA4" target="_blank"><img alt="BunkerWeb demo" src="https://img.youtube.com/vi/ZhYV-QELzA4/0.jpg" /></a>
|
||||
</p>
|
||||
|
||||
A demo website protected with BunkerWeb is available at [demo.bunkerweb.io](https://demo.bunkerweb.io). Feel free to visit it and perform some security tests.
|
||||
|
@ -348,4 +348,4 @@ If you would like to contribute to the plugins you can read the [contributing gu
|
|||
|
||||
# Security policy
|
||||
|
||||
We take security bugs as serious issues and encourage responsible disclosure, see our [security policy](https://github.com/bunkerity/bunkerweb/tree/1.5.0/SECURITY.md) for more information.
|
||||
We take security bugs as serious issues and encourage responsible disclosure, see our [security policy](https://github.com/bunkerity/bunkerweb/tree/1.5.0/SECURITY.md) for more information.
|
||||
|
|
|
@ -13,6 +13,7 @@ Here is the list of "official" plugins that we maintain (see the [bunkerweb-plug
|
|||
| **Discord** | 1.0 | Send security notifications to a Discord channel using a Webhook. | [bunkerweb-plugins/discord](https://github.com/bunkerity/bunkerweb-plugins/tree/main/discord) |
|
||||
| **Slack** | 1.0 | Send security notifications to a Slack channel using a Webhook. | [bunkerweb-plugins/slack](https://github.com/bunkerity/bunkerweb-plugins/tree/main/slack) |
|
||||
| **VirusTotal** | 1.0 | Automatically scans uploaded files with the VirusTotal API and denies the request when a file is detected as malicious. | [bunkerweb-plugins/virustotal](https://github.com/bunkerity/bunkerweb-plugins/tree/main/virustotal) |
|
||||
| **Coraza** | 1.0 | Inspect requests using a Core Rule Set and deny malicious ones. | [bunkerweb-plugins/coraza](https://github.com/bunkerity/bunkerweb-plugins/tree/main/coraza) |
|
||||
|
||||
## How to use a plugin
|
||||
|
||||
|
@ -275,30 +276,29 @@ A file named **plugin.json** and written at the root of the plugin folder must c
|
|||
|
||||
```json
|
||||
{
|
||||
"id": "myplugin",
|
||||
"order": 42,
|
||||
"name": "My Plugin",
|
||||
"description": "Just an example plugin.",
|
||||
"version": "1.0",
|
||||
"id": "myplugin",
|
||||
"name": "My Plugin",
|
||||
"description": "Just an example plugin.",
|
||||
"version": "1.0",
|
||||
"stream": "partial",
|
||||
"settings": {
|
||||
"DUMMY_SETTING": {
|
||||
"context": "multisite",
|
||||
"default": "1234",
|
||||
"help": "Here is the help of the setting.",
|
||||
"id": "dummy-id",
|
||||
"label": "Dummy setting",
|
||||
"regex": "^.*$",
|
||||
"type": "text"
|
||||
}
|
||||
},
|
||||
"jobs": [
|
||||
{
|
||||
"name": "my-job",
|
||||
"file": "my-job.py",
|
||||
"every": "hour"
|
||||
}
|
||||
]
|
||||
"settings": {
|
||||
"DUMMY_SETTING": {
|
||||
"context": "multisite",
|
||||
"default": "1234",
|
||||
"help": "Here is the help of the setting.",
|
||||
"id": "dummy-id",
|
||||
"label": "Dummy setting",
|
||||
"regex": "^.*$",
|
||||
"type": "text"
|
||||
}
|
||||
},
|
||||
"jobs": [
|
||||
{
|
||||
"name": "my-job",
|
||||
"file": "my-job.py",
|
||||
"every": "hour"
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
|
@ -307,7 +307,6 @@ Here are the details of the fields :
|
|||
| Field | Mandatory | Type | Description |
|
||||
| :-----------: | :-------: | :----: | :------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
|
||||
| `id` | yes | string | Internal ID for the plugin : must be unique among other plugins (including "core" ones) and contain only lowercase chars. |
|
||||
| `order` | yes | int | When the plugin should be executed during the access phase : `1` for whitelisting, `2` for blacklisting, `3` for "standard security feature" or `999` if your settings don't use the access phase. |
|
||||
| `name` | yes | string | Name of your plugin. |
|
||||
| `description` | yes | string | Description of your plugin. |
|
||||
| `version` | yes | string | Version of your plugin. |
|
||||
|
|
|
@ -61,6 +61,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -70,6 +70,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -41,6 +41,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -67,6 +67,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -55,6 +55,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -101,4 +102,4 @@ networks:
|
|||
bw-services:
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
bw-data:
|
||||
|
|
|
@ -70,6 +70,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -35,7 +35,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
|
||||
volumes:
|
||||
db-data:
|
||||
|
|
|
@ -45,6 +45,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -66,7 +67,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
|
|
|
@ -3,4 +3,4 @@ drupalPassword: "changeme42"
|
|||
drupalEmail: "contact@example.com"
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -33,7 +33,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -24,4 +24,4 @@ volumes:
|
|||
networks:
|
||||
bw-services:
|
||||
external: true
|
||||
name: bw-services
|
||||
name: bw-services
|
||||
|
|
|
@ -41,6 +41,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -3,4 +3,4 @@ ghostPassword: "changeme42"
|
|||
ghostHost: "www.example.com"
|
||||
mysql:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -45,6 +45,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -55,6 +55,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -36,7 +36,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
|
||||
volumes:
|
||||
joomla-data:
|
||||
|
|
|
@ -45,6 +45,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -68,7 +69,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
networks:
|
||||
- bw-services
|
||||
volumes:
|
||||
|
|
|
@ -3,4 +3,4 @@ joomlaPassword: "changeme42"
|
|||
joomlaEmail: "contact@example.com"
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -36,13 +36,12 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.role==worker"
|
||||
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
external: true
|
||||
|
|
|
@ -48,6 +48,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -55,7 +55,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=magentodb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
|
||||
volumes:
|
||||
magento-data:
|
||||
|
|
|
@ -46,6 +46,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -85,7 +86,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=magentodb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
|
|
|
@ -7,4 +7,4 @@ magentoLastName: "Doe"
|
|||
magentoAdminUri: "admin"
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -50,7 +50,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=magentodb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MAGENTO_DATABASE_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -61,6 +61,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -13,10 +13,10 @@ services:
|
|||
- moodle-files:/bitnami/moodle
|
||||
- moodle-data:/bitnami/moodledata
|
||||
environment:
|
||||
- MOODLE_USERNAME=admin # replace with your moodle admin username
|
||||
- MOODLE_PASSWORD=password # replace with your moodle admin password
|
||||
- MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email
|
||||
- MOODLE_SITE_NAME=My Moodle # replace with your moodle site name
|
||||
- MOODLE_USERNAME=admin # replace with your moodle admin username
|
||||
- MOODLE_PASSWORD=password # replace with your moodle admin password
|
||||
- MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email
|
||||
- MOODLE_SITE_NAME=My Moodle # replace with your moodle site name
|
||||
- MOODLE_DATABASE_HOST=mydb
|
||||
- MOODLE_DATABASE_NAME=moodle
|
||||
- MOODLE_DATABASE_USER=user
|
||||
|
@ -36,10 +36,10 @@ services:
|
|||
aliases:
|
||||
- mydb
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=moodle
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MARIADB_CHARACTER_SET=utf8mb4
|
||||
- MARIADB_COLLATE=utf8mb4_unicode_ci
|
||||
|
||||
|
|
|
@ -42,6 +42,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -53,10 +54,10 @@ services:
|
|||
- moodle-files:/bitnami/moodle
|
||||
- moodle-data:/bitnami/moodledata
|
||||
environment:
|
||||
- MOODLE_USERNAME=admin # replace with your moodle admin username
|
||||
- MOODLE_PASSWORD=password # replace with your moodle admin password
|
||||
- MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email
|
||||
- MOODLE_SITE_NAME=My Moodle # replace with your moodle site name
|
||||
- MOODLE_USERNAME=admin # replace with your moodle admin username
|
||||
- MOODLE_PASSWORD=password # replace with your moodle admin password
|
||||
- MOODLE_EMAIL=moodle@example.com # replace with your moodle admin email
|
||||
- MOODLE_SITE_NAME=My Moodle # replace with your moodle site name
|
||||
- MOODLE_DATABASE_HOST=mydb
|
||||
- MOODLE_DATABASE_NAME=moodle
|
||||
- MOODLE_DATABASE_USER=user
|
||||
|
@ -69,10 +70,10 @@ services:
|
|||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=moodle
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MARIADB_CHARACTER_SET=utf8mb4
|
||||
- MARIADB_COLLATE=utf8mb4_unicode_ci
|
||||
networks:
|
||||
|
|
|
@ -4,4 +4,4 @@ moodlePassword: "changeme42"
|
|||
moodleEmail: "admin@example.com"
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -36,10 +36,10 @@ services:
|
|||
networks:
|
||||
- bw-services
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=moodle
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MOODLE_DATABASE_PASSWORD)
|
||||
- MARIADB_CHARACTER_SET=utf8mb4
|
||||
- MARIADB_COLLATE=utf8mb4_unicode_ci
|
||||
deploy:
|
||||
|
|
|
@ -56,7 +56,6 @@ services:
|
|||
bunkerweb.CUSTOM_CONF_MODSEC_nextcloud=
|
||||
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
|
||||
|
||||
|
||||
mydb:
|
||||
image: mariadb
|
||||
command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
|
||||
|
@ -70,7 +69,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=nc
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
|
||||
volumes:
|
||||
nc-files:
|
||||
|
|
|
@ -71,6 +71,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -110,7 +111,6 @@ volumes:
|
|||
db-data:
|
||||
nc-files:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
|
|
|
@ -48,7 +48,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=nc
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -13,7 +13,7 @@ services:
|
|||
environment:
|
||||
- APP_FULL_BASE_URL=https://www.example.com # replace with your URL
|
||||
- DATASOURCES_DEFAULT_HOST=mydb
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_USERNAME=user
|
||||
- DATASOURCES_DEFAULT_DATABASE=passbolt
|
||||
volumes:
|
||||
|
@ -45,10 +45,10 @@ services:
|
|||
aliases:
|
||||
- mydb
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=passbolt
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
|
||||
volumes:
|
||||
gpg-data:
|
||||
|
|
|
@ -7,7 +7,7 @@ services:
|
|||
- 80:8080
|
||||
- 443:8443
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
|
@ -43,6 +43,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -58,7 +59,7 @@ services:
|
|||
environment:
|
||||
- APP_FULL_BASE_URL=https://www.example.com # replace with your URL
|
||||
- DATASOURCES_DEFAULT_HOST=mydb
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_USERNAME=user
|
||||
- DATASOURCES_DEFAULT_DATABASE=passbolt
|
||||
volumes:
|
||||
|
@ -81,10 +82,10 @@ services:
|
|||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=passbolt
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
|
|
|
@ -11,7 +11,7 @@ services:
|
|||
environment:
|
||||
- APP_FULL_BASE_URL=https://www.example.com # replace with your URL
|
||||
- DATASOURCES_DEFAULT_HOST=mydb
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- DATASOURCES_DEFAULT_USERNAME=user
|
||||
- DATASOURCES_DEFAULT_DATABASE=passbolt
|
||||
volumes:
|
||||
|
@ -45,10 +45,10 @@ services:
|
|||
networks:
|
||||
- bw-services
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=passbolt
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -48,6 +48,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -65,7 +66,6 @@ services:
|
|||
volumes:
|
||||
bw-data:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -47,6 +47,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -45,6 +45,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -10,4 +10,4 @@ service:
|
|||
type: ClusterIP
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -44,6 +44,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -33,7 +33,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=redminedb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
|
||||
volumes:
|
||||
redmine-data:
|
||||
|
|
|
@ -41,6 +41,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -65,7 +66,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=redminedb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
|
|
@ -6,4 +6,4 @@ service:
|
|||
type: ClusterIP
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -33,7 +33,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=redminedb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match REDMINE_DB_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -44,6 +44,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -49,6 +49,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -42,6 +42,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,18 +50,19 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
app1:
|
||||
image: istio/tcp-echo-server:1.2
|
||||
command: [ "9000", "app1" ]
|
||||
command: ["9000", "app1"]
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: istio/tcp-echo-server:1.2
|
||||
command: [ "9000", "app2" ]
|
||||
command: ["9000", "app2"]
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -40,6 +40,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -20,7 +20,8 @@ services:
|
|||
- www.example.com_REVERSE_PROXY_URL=/changeme/ # replace with another url
|
||||
- www.example.com_REVERSE_PROXY_HOST=http://bw-ui:7000
|
||||
- www.example.com_REVERSE_PROXY_HEADERS=X-Script-Name /changeme # replace with another url
|
||||
- www.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=no
|
||||
- www.example.com_INTERCEPTED_ERROR_CODES=400 404 405 413 429 500 501 502 503 504
|
||||
- www.example.com_SECURITY_POLICY=object-src 'none'; frame-ancestors 'self';
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE"
|
||||
networks:
|
||||
|
@ -60,6 +61,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -43,7 +43,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=wp
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
|
||||
volumes:
|
||||
wp-data:
|
||||
|
|
|
@ -42,6 +42,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
@ -66,7 +67,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=wp
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ services:
|
|||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=wp
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match WORDPRESS_DB_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
|
|
|
@ -8,4 +8,4 @@ wordpressTablePrefix: "changeme_"
|
|||
wordpressScheme: "https"
|
||||
mariadb:
|
||||
auth:
|
||||
password: "changeme1337"
|
||||
password: "changeme1337"
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -50,6 +50,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -34,6 +34,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -44,6 +44,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -34,6 +34,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -45,6 +45,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -34,6 +34,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -41,6 +41,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -34,6 +34,7 @@ services:
|
|||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -55,6 +55,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -51,6 +51,7 @@ services:
|
|||
- SERVICES=1
|
||||
- SWARM=1
|
||||
- TASKS=1
|
||||
- LOG_LEVEL=warning
|
||||
networks:
|
||||
- bw-docker
|
||||
deploy:
|
||||
|
|
|
@ -1,13 +1,21 @@
|
|||
from os import getenv
|
||||
from time import sleep
|
||||
#!/usr/bin/python3
|
||||
|
||||
from ConfigCaller import ConfigCaller
|
||||
from Database import Database
|
||||
from logger import setup_logger
|
||||
from os import getenv
|
||||
from threading import Lock
|
||||
from time import sleep
|
||||
from typing import Literal, Optional, Union
|
||||
|
||||
from ConfigCaller import ConfigCaller # type: ignore
|
||||
from Database import Database # type: ignore
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
class Config(ConfigCaller):
|
||||
def __init__(self, ctrl_type, lock=None):
|
||||
def __init__(
|
||||
self,
|
||||
ctrl_type: Union[Literal["docker"], Literal["swarm"], Literal["kubernetes"]],
|
||||
lock: Optional[Lock] = None,
|
||||
):
|
||||
super().__init__()
|
||||
self.__ctrl_type = ctrl_type
|
||||
self.__lock = lock
|
||||
|
@ -77,6 +85,9 @@ class Config(ConfigCaller):
|
|||
)
|
||||
sleep(5)
|
||||
|
||||
if self.__lock:
|
||||
self.__lock.acquire()
|
||||
|
||||
# update instances in database
|
||||
err = self._db.update_instances(self.__instances)
|
||||
if err:
|
||||
|
@ -98,4 +109,7 @@ class Config(ConfigCaller):
|
|||
f"Can't save autoconf custom configs in database: {err}, custom configs may not work as expected",
|
||||
)
|
||||
|
||||
if self.__lock:
|
||||
self.__lock.release()
|
||||
|
||||
return success
|
||||
|
|
|
@ -1,14 +1,22 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from abc import ABC, abstractmethod
|
||||
from os import getenv
|
||||
from threading import Lock
|
||||
from time import sleep
|
||||
from typing import Literal, Optional, Union
|
||||
|
||||
from Config import Config
|
||||
|
||||
from logger import setup_logger
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
class Controller(ABC):
|
||||
def __init__(self, ctrl_type, lock=None):
|
||||
def __init__(
|
||||
self,
|
||||
ctrl_type: Union[Literal["docker"], Literal["swarm"], Literal["kubernetes"]],
|
||||
lock: Optional[Lock] = None,
|
||||
):
|
||||
self._type = ctrl_type
|
||||
self._instances = []
|
||||
self._services = []
|
||||
|
@ -27,7 +35,7 @@ class Controller(ABC):
|
|||
self._config = Config(ctrl_type, lock)
|
||||
self.__logger = setup_logger("Controller", getenv("LOG_LEVEL", "INFO"))
|
||||
|
||||
def wait(self, wait_time):
|
||||
def wait(self, wait_time: int) -> list:
|
||||
all_ready = False
|
||||
while not all_ready:
|
||||
self._instances = self.get_instances()
|
||||
|
@ -59,8 +67,7 @@ class Controller(ABC):
|
|||
def get_instances(self):
|
||||
instances = []
|
||||
for controller_instance in self._get_controller_instances():
|
||||
for instance in self._to_instances(controller_instance):
|
||||
instances.append(instance)
|
||||
instances.extend(self._to_instances(controller_instance))
|
||||
return instances
|
||||
|
||||
@abstractmethod
|
||||
|
@ -86,10 +93,8 @@ class Controller(ABC):
|
|||
def get_services(self):
|
||||
services = []
|
||||
for controller_service in self._get_controller_services():
|
||||
for service in self._to_services(controller_service):
|
||||
services.append(service)
|
||||
for static_service in self._get_static_services():
|
||||
services.append(static_service)
|
||||
services.extend(self._to_services(controller_service))
|
||||
services.extend(self._get_static_services())
|
||||
return services
|
||||
|
||||
@abstractmethod
|
||||
|
@ -106,8 +111,8 @@ class Controller(ABC):
|
|||
|
||||
def _is_service_present(self, server_name):
|
||||
for service in self._services:
|
||||
if not "SERVER_NAME" in service or service["SERVER_NAME"] == "":
|
||||
if not "SERVER_NAME" in service or not service["SERVER_NAME"]:
|
||||
continue
|
||||
if server_name == service["SERVER_NAME"].split(" ")[0]:
|
||||
if server_name == service["SERVER_NAME"].strip().split(" ")[0]:
|
||||
return True
|
||||
return False
|
||||
|
|
|
@ -1,11 +1,15 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from os import getenv
|
||||
from typing import Any, Dict, List
|
||||
from docker import DockerClient
|
||||
from re import compile as re_compile
|
||||
from traceback import format_exc
|
||||
|
||||
from docker.models.containers import Container
|
||||
from Controller import Controller
|
||||
from ConfigCaller import ConfigCaller
|
||||
from logger import setup_logger
|
||||
from ConfigCaller import ConfigCaller # type: ignore
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
class DockerController(Controller, ConfigCaller):
|
||||
|
@ -18,13 +22,13 @@ class DockerController(Controller, ConfigCaller):
|
|||
r"^bunkerweb.CUSTOM_CONF_(SERVER_HTTP|MODSEC_CRS|MODSEC)_(.+)$"
|
||||
)
|
||||
|
||||
def _get_controller_instances(self):
|
||||
def _get_controller_instances(self) -> List[Container]:
|
||||
return self.__client.containers.list(filters={"label": "bunkerweb.INSTANCE"})
|
||||
|
||||
def _get_controller_services(self):
|
||||
def _get_controller_services(self) -> List[Container]:
|
||||
return self.__client.containers.list(filters={"label": "bunkerweb.SERVER_NAME"})
|
||||
|
||||
def _to_instances(self, controller_instance):
|
||||
def _to_instances(self, controller_instance) -> List[dict]:
|
||||
instance = {}
|
||||
instance["name"] = controller_instance.name
|
||||
instance["hostname"] = controller_instance.name
|
||||
|
@ -40,18 +44,18 @@ class DockerController(Controller, ConfigCaller):
|
|||
instance["env"][variable] = value
|
||||
return [instance]
|
||||
|
||||
def _to_services(self, controller_service):
|
||||
def _to_services(self, controller_service) -> List[dict]:
|
||||
service = {}
|
||||
for variable, value in controller_service.labels.items():
|
||||
if not variable.startswith("bunkerweb."):
|
||||
continue
|
||||
real_variable = variable.replace("bunkerweb.", "", 1)
|
||||
if not self._is_multisite_setting(real_variable):
|
||||
if not self._is_setting_context(real_variable, "multisite"):
|
||||
continue
|
||||
service[real_variable] = value
|
||||
return [service]
|
||||
|
||||
def _get_static_services(self):
|
||||
def _get_static_services(self) -> List[dict]:
|
||||
services = []
|
||||
variables = {}
|
||||
for instance in self.__client.containers.list(
|
||||
|
@ -71,14 +75,14 @@ class DockerController(Controller, ConfigCaller):
|
|||
for variable, value in variables.items():
|
||||
prefix = variable.split("_")[0]
|
||||
real_variable = variable.replace(f"{prefix}_", "", 1)
|
||||
if prefix == server_name and self._is_multisite_setting(
|
||||
real_variable
|
||||
if prefix == server_name and self._is_setting_context(
|
||||
real_variable, "multisite"
|
||||
):
|
||||
service[real_variable] = value
|
||||
services.append(service)
|
||||
return services
|
||||
|
||||
def get_configs(self):
|
||||
def get_configs(self) -> Dict[str, Dict[str, Any]]:
|
||||
configs = {config_type: {} for config_type in self._supported_config_types}
|
||||
# get site configs from labels
|
||||
for container in self.__client.containers.list(
|
||||
|
@ -106,7 +110,7 @@ class DockerController(Controller, ConfigCaller):
|
|||
] = value
|
||||
return configs
|
||||
|
||||
def apply_config(self):
|
||||
def apply_config(self) -> bool:
|
||||
return self._config.apply(
|
||||
self._instances, self._services, configs=self._configs
|
||||
)
|
||||
|
|
|
@ -60,7 +60,7 @@ RUN apk add --no-cache bash && \
|
|||
chmod 750 /usr/share/bunkerweb/cli/main.py /usr/share/bunkerweb/helpers/*.sh /usr/bin/bwcli /usr/share/bunkerweb/autoconf/main.py /usr/share/bunkerweb/deps/python/bin/*
|
||||
|
||||
# Fix CVEs
|
||||
RUN apk add "libcrypto3>=3.0.8-r4" "libssl3>=3.0.8-r4"
|
||||
# There are no CVEs for python:3.11.3-alpine at the moment
|
||||
|
||||
VOLUME /data /etc/nginx
|
||||
|
||||
|
|
|
@ -1,13 +1,16 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from os import getenv
|
||||
from time import sleep
|
||||
from traceback import format_exc
|
||||
from typing import List
|
||||
from kubernetes import client, config, watch
|
||||
from kubernetes.client.exceptions import ApiException
|
||||
from threading import Thread, Lock
|
||||
|
||||
from Controller import Controller
|
||||
from ConfigCaller import ConfigCaller
|
||||
from logger import setup_logger
|
||||
from ConfigCaller import ConfigCaller # type: ignore
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
class IngressController(Controller, ConfigCaller):
|
||||
|
@ -20,7 +23,7 @@ class IngressController(Controller, ConfigCaller):
|
|||
self.__internal_lock = Lock()
|
||||
self.__logger = setup_logger("Ingress-controller", getenv("LOG_LEVEL", "INFO"))
|
||||
|
||||
def _get_controller_instances(self):
|
||||
def _get_controller_instances(self) -> list:
|
||||
return [
|
||||
pod
|
||||
for pod in self.__corev1.list_pod_for_all_namespaces(watch=False).items
|
||||
|
@ -30,7 +33,7 @@ class IngressController(Controller, ConfigCaller):
|
|||
)
|
||||
]
|
||||
|
||||
def _to_instances(self, controller_instance):
|
||||
def _to_instances(self, controller_instance) -> List[dict]:
|
||||
instance = {}
|
||||
instance["name"] = controller_instance.metadata.name
|
||||
instance["hostname"] = controller_instance.status.pod_ip
|
||||
|
@ -48,7 +51,9 @@ class IngressController(Controller, ConfigCaller):
|
|||
pod = container
|
||||
break
|
||||
if not pod:
|
||||
self.__logger.warning(f"Missing container bunkerweb in pod {controller_instance.metadata.name}")
|
||||
self.__logger.warning(
|
||||
f"Missing container bunkerweb in pod {controller_instance.metadata.name}"
|
||||
)
|
||||
else:
|
||||
for env in pod.env:
|
||||
instance["env"][env.name] = env.value or ""
|
||||
|
@ -65,10 +70,10 @@ class IngressController(Controller, ConfigCaller):
|
|||
instance["env"][variable] = value
|
||||
return [instance]
|
||||
|
||||
def _get_controller_services(self):
|
||||
def _get_controller_services(self) -> list:
|
||||
return self.__networkingv1.list_ingress_for_all_namespaces(watch=False).items
|
||||
|
||||
def _to_services(self, controller_service):
|
||||
def _to_services(self, controller_service) -> List[dict]:
|
||||
if not controller_service.spec or not controller_service.spec.rules:
|
||||
return []
|
||||
|
||||
|
@ -145,15 +150,15 @@ class IngressController(Controller, ConfigCaller):
|
|||
continue
|
||||
|
||||
variable = annotation.replace("bunkerweb.io/", "", 1)
|
||||
server_name = service["SERVER_NAME"].split(" ")[0]
|
||||
server_name = service["SERVER_NAME"].strip().split(" ")[0]
|
||||
if not variable.startswith(f"{server_name}_"):
|
||||
continue
|
||||
variable = variable.replace(f"{server_name}_", "", 1)
|
||||
if self._is_multisite_setting(variable):
|
||||
if self._is_setting_context(variable, "multisite"):
|
||||
service[variable] = value
|
||||
return services
|
||||
|
||||
def _get_static_services(self):
|
||||
def _get_static_services(self) -> List[dict]:
|
||||
services = []
|
||||
variables = {}
|
||||
for instance in self.__corev1.list_pod_for_all_namespaces(watch=False).items:
|
||||
|
@ -168,12 +173,10 @@ class IngressController(Controller, ConfigCaller):
|
|||
if container.name == "bunkerweb":
|
||||
pod = container
|
||||
break
|
||||
if not pod :
|
||||
if not pod:
|
||||
continue
|
||||
|
||||
variables = {
|
||||
env.name: env.value or "" for env in pod.env
|
||||
}
|
||||
variables = {env.name: env.value or "" for env in pod.env}
|
||||
|
||||
if "SERVER_NAME" in variables and variables["SERVER_NAME"].strip():
|
||||
for server_name in variables["SERVER_NAME"].strip().split(" "):
|
||||
|
@ -181,14 +184,14 @@ class IngressController(Controller, ConfigCaller):
|
|||
for variable, value in variables.items():
|
||||
prefix = variable.split("_")[0]
|
||||
real_variable = variable.replace(f"{prefix}_", "", 1)
|
||||
if prefix == server_name and self._is_multisite_setting(
|
||||
real_variable
|
||||
if prefix == server_name and self._is_setting_context(
|
||||
real_variable, "multisite"
|
||||
):
|
||||
service[real_variable] = value
|
||||
services.append(service)
|
||||
return services
|
||||
|
||||
def get_configs(self):
|
||||
def get_configs(self) -> dict:
|
||||
configs = {config_type: {} for config_type in self._supported_config_types}
|
||||
for configmap in self.__corev1.list_config_map_for_all_namespaces(
|
||||
watch=False
|
||||
|
@ -302,7 +305,7 @@ class IngressController(Controller, ConfigCaller):
|
|||
self.__logger.warning("Got exception, retrying in 10 seconds ...")
|
||||
sleep(10)
|
||||
|
||||
def apply_config(self):
|
||||
def apply_config(self) -> bool:
|
||||
return self._config.apply(
|
||||
self._instances, self._services, configs=self._configs
|
||||
)
|
||||
|
|
|
@ -1,13 +1,17 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from os import getenv
|
||||
from time import sleep
|
||||
from traceback import format_exc
|
||||
from threading import Thread, Lock
|
||||
from typing import Any, Dict, List
|
||||
from docker import DockerClient
|
||||
from base64 import b64decode
|
||||
|
||||
from docker.models.services import Service
|
||||
from Controller import Controller
|
||||
from ConfigCaller import ConfigCaller
|
||||
from logger import setup_logger
|
||||
from ConfigCaller import ConfigCaller # type: ignore
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
class SwarmController(Controller, ConfigCaller):
|
||||
|
@ -18,13 +22,13 @@ class SwarmController(Controller, ConfigCaller):
|
|||
self.__internal_lock = Lock()
|
||||
self.__logger = setup_logger("Swarm-controller", getenv("LOG_LEVEL", "INFO"))
|
||||
|
||||
def _get_controller_instances(self):
|
||||
def _get_controller_instances(self) -> List[Service]:
|
||||
return self.__client.services.list(filters={"label": "bunkerweb.INSTANCE"})
|
||||
|
||||
def _get_controller_services(self):
|
||||
def _get_controller_services(self) -> List[Service]:
|
||||
return self.__client.services.list(filters={"label": "bunkerweb.SERVER_NAME"})
|
||||
|
||||
def _to_instances(self, controller_instance):
|
||||
def _to_instances(self, controller_instance) -> List[dict]:
|
||||
instances = []
|
||||
instance_env = {}
|
||||
for env in controller_instance.attrs["Spec"]["TaskTemplate"]["ContainerSpec"][
|
||||
|
@ -48,18 +52,18 @@ class SwarmController(Controller, ConfigCaller):
|
|||
)
|
||||
return instances
|
||||
|
||||
def _to_services(self, controller_service):
|
||||
def _to_services(self, controller_service) -> List[dict]:
|
||||
service = {}
|
||||
for variable, value in controller_service.attrs["Spec"]["Labels"].items():
|
||||
if not variable.startswith("bunkerweb."):
|
||||
continue
|
||||
real_variable = variable.replace("bunkerweb.", "", 1)
|
||||
if not self._is_multisite_setting(real_variable):
|
||||
if not self._is_setting_context(real_variable, "multisite"):
|
||||
continue
|
||||
service[real_variable] = value
|
||||
return [service]
|
||||
|
||||
def _get_static_services(self):
|
||||
def _get_static_services(self) -> List[dict]:
|
||||
services = []
|
||||
variables = {}
|
||||
for instance in self.__client.services.list(
|
||||
|
@ -81,14 +85,14 @@ class SwarmController(Controller, ConfigCaller):
|
|||
for variable, value in variables.items():
|
||||
prefix = variable.split("_")[0]
|
||||
real_variable = variable.replace(f"{prefix}_", "", 1)
|
||||
if prefix == server_name and self._is_multisite_setting(
|
||||
real_variable
|
||||
if prefix == server_name and self._is_setting_context(
|
||||
real_variable, "multisite"
|
||||
):
|
||||
service[real_variable] = value
|
||||
services.append(service)
|
||||
return services
|
||||
|
||||
def get_configs(self):
|
||||
def get_configs(self) -> Dict[str, Dict[str, Any]]:
|
||||
configs = {}
|
||||
for config_type in self._supported_config_types:
|
||||
configs[config_type] = {}
|
||||
|
@ -127,7 +131,7 @@ class SwarmController(Controller, ConfigCaller):
|
|||
)
|
||||
return configs
|
||||
|
||||
def apply_config(self):
|
||||
def apply_config(self) -> bool:
|
||||
return self._config.apply(
|
||||
self._instances, self._services, configs=self._configs
|
||||
)
|
||||
|
|
|
@ -1,21 +1,20 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from os import _exit, getenv
|
||||
from os import _exit, getenv, sep
|
||||
from os.path import join
|
||||
from signal import SIGINT, SIGTERM, signal
|
||||
from sys import exit as sys_exit, path as sys_path
|
||||
from traceback import format_exc
|
||||
from pathlib import Path
|
||||
|
||||
sys_path.extend(
|
||||
(
|
||||
"/usr/share/bunkerweb/deps/python",
|
||||
"/usr/share/bunkerweb/utils",
|
||||
"/usr/share/bunkerweb/api",
|
||||
"/usr/share/bunkerweb/db",
|
||||
)
|
||||
)
|
||||
for deps_path in [
|
||||
join(sep, "usr", "share", "bunkerweb", *paths)
|
||||
for paths in (("deps", "python"), ("utils",), ("api",), ("db",))
|
||||
]:
|
||||
if deps_path not in sys_path:
|
||||
sys_path.append(deps_path)
|
||||
|
||||
from logger import setup_logger
|
||||
from logger import setup_logger # type: ignore
|
||||
from SwarmController import SwarmController
|
||||
from IngressController import IngressController
|
||||
from DockerController import DockerController
|
||||
|
@ -70,12 +69,11 @@ try:
|
|||
_exit(1)
|
||||
|
||||
# Process events
|
||||
Path("/var/tmp/bunkerweb/autoconf.healthy").write_text("ok")
|
||||
Path(sep, "var", "tmp", "bunkerweb", "autoconf.healthy").write_text("ok")
|
||||
logger.info("Processing events ...")
|
||||
controller.process_events()
|
||||
|
||||
except:
|
||||
logger.error(f"Exception while running autoconf :\n{format_exc()}")
|
||||
sys_exit(1)
|
||||
finally:
|
||||
Path("/var/tmp/bunkerweb/autoconf.healthy").unlink(missing_ok=True)
|
||||
Path(sep, "var", "tmp", "bunkerweb", "autoconf.healthy").unlink(missing_ok=True)
|
||||
|
|
|
@ -69,7 +69,7 @@ RUN apk add --no-cache pcre bash python3 && \
|
|||
ln -s /proc/1/fd/1 /var/log/nginx/access.log
|
||||
|
||||
# Fix CVEs
|
||||
RUN apk add "libcrypto3>=3.0.8-r4" "libssl3>=3.0.8-r4" "curl>=8.1.0-r0" "libcurl>=8.1.0-r0"
|
||||
RUN apk add "libcrypto3>=3.0.8-r4" "libssl3>=3.0.8-r4" "curl>=8.1.0-r0" "libcurl>=8.1.0-r0" "libwebp>=1.2.4-r2"
|
||||
|
||||
VOLUME /data /etc/nginx
|
||||
|
||||
|
|
|
@ -1,52 +1,48 @@
|
|||
#!/usr/bin/python3
|
||||
|
||||
from typing import Literal, Optional, Union
|
||||
from requests import request
|
||||
|
||||
|
||||
class API:
|
||||
def __init__(self, endpoint, host="bwapi"):
|
||||
def __init__(self, endpoint: str, host: str = "bwapi"):
|
||||
self.__endpoint = endpoint
|
||||
self.__host = host
|
||||
|
||||
def get_endpoint(self):
|
||||
def get_endpoint(self) -> str:
|
||||
return self.__endpoint
|
||||
|
||||
def get_host(self):
|
||||
def get_host(self) -> str:
|
||||
return self.__host
|
||||
|
||||
def request(self, method, url, data=None, files=None, timeout=(10, 30)):
|
||||
def request(
|
||||
self,
|
||||
method: Union[Literal["POST"], Literal["GET"]],
|
||||
url: str,
|
||||
data: Optional[Union[dict, bytes]] = None,
|
||||
files=None,
|
||||
timeout=(10, 30),
|
||||
) -> tuple[bool, str, Optional[int], Optional[dict]]:
|
||||
try:
|
||||
headers = {}
|
||||
headers["User-Agent"] = "bwapi"
|
||||
headers["Host"] = self.__host
|
||||
kwargs = {}
|
||||
if isinstance(data, dict):
|
||||
resp = request(
|
||||
method,
|
||||
f"{self.__endpoint}{url}",
|
||||
json=data,
|
||||
timeout=timeout,
|
||||
headers=headers,
|
||||
)
|
||||
kwargs["json"] = data
|
||||
elif isinstance(data, bytes):
|
||||
resp = request(
|
||||
method,
|
||||
f"{self.__endpoint}{url}",
|
||||
data=data,
|
||||
timeout=timeout,
|
||||
headers=headers,
|
||||
)
|
||||
elif files:
|
||||
resp = request(
|
||||
method,
|
||||
f"{self.__endpoint}{url}",
|
||||
files=files,
|
||||
timeout=timeout,
|
||||
headers=headers,
|
||||
)
|
||||
elif not data:
|
||||
resp = request(
|
||||
method, f"{self.__endpoint}{url}", timeout=timeout, headers=headers
|
||||
)
|
||||
else:
|
||||
return False, "unsupported data type", None, None
|
||||
kwargs["data"] = data
|
||||
elif data is not None:
|
||||
return False, f"Unsupported data type: {type(data)}", None, None
|
||||
|
||||
if files:
|
||||
kwargs["files"] = files
|
||||
|
||||
resp = request(
|
||||
method,
|
||||
f"{self.__endpoint}{url}",
|
||||
timeout=timeout,
|
||||
headers={"User-Agent": "bwapi", "Host": self.__host},
|
||||
**kwargs,
|
||||
)
|
||||
except Exception as e:
|
||||
return False, str(e), None, None
|
||||
return False, f"Request failed: {e}", None, None
|
||||
|
||||
return True, "ok", resp.status_code, resp.json()
|
||||
|
|
|
@ -1,17 +1,20 @@
|
|||
from os import getenv
|
||||
#!/usr/bin/python3
|
||||
|
||||
from dotenv import dotenv_values
|
||||
from os import getenv, sep
|
||||
from os.path import join
|
||||
from pathlib import Path
|
||||
from redis import StrictRedis
|
||||
from sys import path as sys_path
|
||||
from typing import Tuple
|
||||
|
||||
|
||||
if "/usr/share/bunkerweb/utils" not in sys_path:
|
||||
sys_path.append("/usr/share/bunkerweb/utils")
|
||||
if join(sep, "usr", "share", "bunkerweb", "utils") not in sys_path:
|
||||
sys_path.append(join(sep, "usr", "share", "bunkerweb", "utils"))
|
||||
|
||||
from API import API
|
||||
from ApiCaller import ApiCaller
|
||||
from logger import setup_logger
|
||||
from API import API # type: ignore
|
||||
from ApiCaller import ApiCaller # type: ignore
|
||||
from logger import setup_logger # type: ignore
|
||||
|
||||
|
||||
def format_remaining_time(seconds):
|
||||
|
@ -37,14 +40,15 @@ def format_remaining_time(seconds):
|
|||
class CLI(ApiCaller):
|
||||
def __init__(self):
|
||||
self.__logger = setup_logger("CLI", getenv("LOG_LEVEL", "INFO"))
|
||||
db_path = Path(sep, "usr", "share", "bunkerweb", "db")
|
||||
|
||||
if not Path("/usr/share/bunkerweb/db").is_dir():
|
||||
self.__variables = dotenv_values("/etc/nginx/variables.env")
|
||||
if not db_path.is_dir():
|
||||
self.__variables = dotenv_values(join(sep, "etc", "nginx", "variables.env"))
|
||||
else:
|
||||
if "/usr/share/bunkerweb/db" not in sys_path:
|
||||
sys_path.append("/usr/share/bunkerweb/db")
|
||||
if str(db_path) not in sys_path:
|
||||
sys_path.append(str(db_path))
|
||||
|
||||
from Database import Database
|
||||
from Database import Database # type: ignore
|
||||
|
||||
db = Database(
|
||||
self.__logger,
|
||||
|
@ -110,7 +114,7 @@ class CLI(ApiCaller):
|
|||
)
|
||||
self.__use_redis = False
|
||||
|
||||
if not Path("/usr/share/bunkerweb/db").is_dir() or self.__integration not in (
|
||||
if not db_path.is_dir() or self.__integration not in (
|
||||
"kubernetes",
|
||||
"swarm",
|
||||
"autoconf",
|
||||
|
@ -129,18 +133,17 @@ class CLI(ApiCaller):
|
|||
self.auto_setup(self.__integration)
|
||||
|
||||
def __detect_integration(self) -> str:
|
||||
integration_path = Path(sep, "usr", "share", "bunkerweb", "INTEGRATION")
|
||||
os_release_path = Path(sep, "etc", "os-release")
|
||||
if self.__variables.get("KUBERNETES_MODE", "no").lower() == "yes":
|
||||
return "kubernetes"
|
||||
elif self.__variables.get("SWARM_MODE", "no").lower() == "yes":
|
||||
return "swarm"
|
||||
elif self.__variables.get("AUTOCONF_MODE", "no").lower() == "yes":
|
||||
return "autoconf"
|
||||
elif Path("/usr/share/bunkerweb/INTEGRATION").is_file():
|
||||
return Path("/usr/share/bunkerweb/INTEGRATION").read_text().strip().lower()
|
||||
elif (
|
||||
Path("/etc/os-release").is_file()
|
||||
and "Alpine" in Path("/etc/os-release").read_text()
|
||||
):
|
||||
elif integration_path.is_file():
|
||||
return integration_path.read_text().strip().lower()
|
||||
elif os_release_path.is_file() and "Alpine" in os_release_path.read_text():
|
||||
return "docker"
|
||||
|
||||
return "linux"
|
||||
|
|
|
@ -1,20 +1,19 @@
|
|||
#!/usr/bin/env python3
|
||||
#!/usr/bin/python3
|
||||
|
||||
from argparse import ArgumentParser
|
||||
from os import _exit, getenv
|
||||
from sys import exit as sys_exit, path
|
||||
from os import _exit, getenv, sep
|
||||
from os.path import join
|
||||
from sys import exit as sys_exit, path as sys_path
|
||||
from traceback import format_exc
|
||||
|
||||
path.extend(
|
||||
(
|
||||
"/usr/share/bunkerweb/deps/python",
|
||||
"/usr/share/bunkerweb/cli",
|
||||
"/usr/share/bunkerweb/utils",
|
||||
"/usr/share/bunkerweb/api",
|
||||
)
|
||||
)
|
||||
for deps_path in [
|
||||
join(sep, "usr", "share", "bunkerweb", *paths)
|
||||
for paths in (("deps", "python"), ("utils",), ("api",), ("db",))
|
||||
]:
|
||||
if deps_path not in sys_path:
|
||||
sys_path.append(deps_path)
|
||||
|
||||
from logger import setup_logger
|
||||
from logger import setup_logger # type: ignore
|
||||
from CLI import CLI
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue