Update examples and add docker-proxy
This commit is contained in:
parent
82ab6c7c43
commit
81ad9e9ac0
|
@ -14,6 +14,7 @@ services:
|
|||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domains
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
|
@ -35,11 +36,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myproxy:
|
||||
image: haproxy
|
||||
|
@ -71,3 +83,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.10.10.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -60,15 +60,30 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
bbb-net:
|
||||
ipv4_address: 10.7.7.42
|
||||
net-docker:
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
...
|
||||
|
||||
volumes:
|
||||
...
|
||||
bw-data:
|
||||
|
||||
networks:
|
||||
...
|
||||
net-docker:
|
|
@ -45,11 +45,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-cloudflare
|
||||
|
@ -88,6 +99,7 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -45,11 +45,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-digitalocean
|
||||
|
@ -88,6 +99,7 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -45,11 +45,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-google
|
||||
|
@ -88,6 +99,7 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -45,11 +45,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-ovh
|
||||
|
@ -88,6 +99,7 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "3"
|
|||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.3
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
|
@ -13,11 +13,12 @@ services:
|
|||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw_data:/data
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
|
@ -32,11 +33,35 @@ services:
|
|||
- app2.example.com_REVERSE_PROXY_HOST=http://app2
|
||||
- app3.example.com_REVERSE_PROXY_URL=/
|
||||
- app3.example.com_REVERSE_PROXY_HOST=http://app3
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
|
||||
bbw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-google
|
||||
environment:
|
||||
|
@ -64,10 +89,17 @@ services:
|
|||
- net_app3
|
||||
|
||||
volumes:
|
||||
bw_data:
|
||||
bw-data:
|
||||
certs:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -32,7 +32,7 @@ services:
|
|||
- app3.example.com_REMOTE_PHP=myapp3
|
||||
- app3.example.com_REMOTE_PHP_PATH=/app
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE"
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
|
@ -43,11 +43,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- ./bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myapp1:
|
||||
image: php:fpm
|
||||
|
@ -88,6 +99,7 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
|
|
|
@ -66,11 +66,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myapp1:
|
||||
image: tutum/hello-world
|
||||
|
@ -93,3 +104,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -34,7 +34,7 @@ services:
|
|||
LIMIT_REQ_RATE_1: "5r/s"
|
||||
CUSTOM_CONF_MODSEC_CRS_drupal: 'SecAction "id:900130,phase:1,nolog,pass,t:none,setvar:tx.crs_exclusions_drupal=1"'
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE"
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
@ -45,11 +45,21 @@ services:
|
|||
- mybunker
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
DOCKER_HOST: "tcp://docker-proxy:2375"
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mydrupal:
|
||||
image: drupal:9-apache
|
||||
|
@ -84,3 +94,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ $(id -u) -ne 0 ] ; then
|
||||
echo "❌ Run me as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
helm delete ghost
|
||||
kubectl delete pvc data-ghost-mysql-0
|
||||
kubectl delete pvc data-ghost-mysql-0
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "3"
|
|||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.3
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
|
@ -13,9 +13,10 @@ services:
|
|||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw_data:/data
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
|
@ -24,6 +25,32 @@ services:
|
|||
- USE_REVERSE_PROXY=yes
|
||||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://myghost:2368
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myghost:
|
||||
image: ghost:alpine
|
||||
|
@ -32,6 +59,18 @@ services:
|
|||
environment:
|
||||
- url=https://www.example.com # replace with your domain
|
||||
- NODE_ENV=development
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw_data:
|
||||
bw-data:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ $(id -u) -ne 0 ] ; then
|
||||
echo "❌ Run me as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
helm install -f ghost-chart-values.yml ghost bitnami/ghost
|
||||
helm install -f ghost-chart-values.yml ghost bitnami/ghost
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
"name": "ghost",
|
||||
"kinds": ["docker", "autoconf", "swarm", "kubernetes"],
|
||||
"timeout": 60,
|
||||
"delay": 30,
|
||||
"delay": 180,
|
||||
"tests": [
|
||||
{
|
||||
"type": "string",
|
||||
|
|
|
@ -17,14 +17,7 @@ services:
|
|||
- bunkerweb.REVERSE_PROXY_HEADERS_1=Authorization $http_authorization
|
||||
- bunkerweb.MAX_CLIENT_SIZE=1G
|
||||
- |
|
||||
bunkerweb.CUSTOM_CONF_MODSEC_CRS_gogs=
|
||||
SecAction \
|
||||
"id:900220,\
|
||||
phase:1,\
|
||||
nolog,\
|
||||
pass,\
|
||||
t:none,\
|
||||
setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
bunkerweb.CUSTOM_CONF_MODSEC_CRS_gogs=SecAction "id:900220,phase:1,nolog,pass,t:none,setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "3"
|
|||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.3
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
|
@ -16,6 +16,7 @@ services:
|
|||
- ./bw-data:/data # contains some Core Rule Set configuration to fix FP
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
|
@ -27,16 +28,46 @@ services:
|
|||
- REVERSE_PROXY_HEADERS_1=Authorization $http_authorization
|
||||
- MAX_CLIENT_SIZE=1G
|
||||
- |
|
||||
CUSTOM_CONF_MODSEC_CRS_gogs=
|
||||
SecAction \
|
||||
"id:900220,\
|
||||
phase:1,\
|
||||
nolog,\
|
||||
pass,\
|
||||
t:none,\
|
||||
setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
CUSTOM_CONF_MODSEC_CRS_gogs=SecAction "id:900220,phase:1,nolog,pass,t:none,setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
mygogs:
|
||||
image: gogs/gogs
|
||||
volumes:
|
||||
- ./gogs-data:/data
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -27,13 +27,7 @@ metadata:
|
|||
bunkerweb.io/CONFIG_SITE: "www.example.com"
|
||||
data:
|
||||
gogs.conf: |
|
||||
SecAction \
|
||||
"id:900220,\
|
||||
phase:1,\
|
||||
nolog,\
|
||||
pass,\
|
||||
t:none,\
|
||||
setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
SecAction "id:900220,phase:1,nolog,pass,t:none,setvar:'tx.allowed_request_content_type=|application/x-www-form-urlencoded| |multipart/form-data| |multipart/related| |text/xml| |application/xml| |application/soap+xml| |application/x-amf| |application/json| |application/cloudevents+json| |application/cloudevents-batch+json| |application/octet-stream| |application/csp-report| |application/xss-auditor-report| |text/plain| |application/x-git-upload-pack-request| |application/x-git-receive-pack-request|'"
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
|
|
|
@ -2,7 +2,7 @@ version: "3"
|
|||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.3
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
# dropping all capabilities
|
||||
cap_drop:
|
||||
- ALL
|
||||
|
@ -26,9 +26,10 @@ services:
|
|||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw_data:/data
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
|
@ -37,9 +38,47 @@ services:
|
|||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://myapp
|
||||
- REMOTE_PHP_PATH=/app
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myapp:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw_data:
|
||||
bw-data:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ $(id -u) -ne 0 ] ; then
|
||||
echo "❌ Run me as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
helm delete joomla
|
||||
kubectl delete pvc data-joomla-mariadb-0
|
||||
kubectl delete pvc data-joomla-mariadb-0
|
||||
|
|
|
@ -1,8 +1,12 @@
|
|||
version: "3"
|
||||
|
||||
x-bunkerweb-env:
|
||||
&bunkerweb-env
|
||||
DATABASE_URI: "mariadb+pymysql://${JOOMLA_USER:-user}:${JOOMLA_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
|
||||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.3
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
|
@ -13,21 +17,50 @@ services:
|
|||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw_data:/data
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- MAX_CLIENT_SIZE=50m
|
||||
- USE_CLIENT_CACHE=yes
|
||||
- USE_GZIP=yes
|
||||
- USE_REVERSE_PROXY=yes
|
||||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://myjoomla
|
||||
- LIMIT_REQ_URL_1=/administrator/
|
||||
- LIMIT_REQ_RATE_1=8r/s
|
||||
- LIMIT_REQ_URL_2=/installation/index.php
|
||||
- LIMIT_REQ_RATE_2=8r/s
|
||||
<<: *bunkerweb-env
|
||||
SERVER_NAME: "www.example.com" # replace with your domain
|
||||
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
|
||||
AUTO_LETS_ENCRYPT: "yes"
|
||||
DISABLE_DEFAULT_SERVER: "yes"
|
||||
MAX_CLIENT_SIZE: "50m"
|
||||
USE_CLIENT_CACHE: "yes"
|
||||
USE_GZIP: "yes"
|
||||
USE_REVERSE_PROXY: "yes"
|
||||
REVERSE_PROXY_URL: "/"
|
||||
REVERSE_PROXY_HOST: "http://myjoomla"
|
||||
LIMIT_REQ_URL_1: "/administrator/"
|
||||
LIMIT_REQ_RATE_1: "8r/s"
|
||||
LIMIT_REQ_URL_2: "/installation/index.php"
|
||||
LIMIT_REQ_RATE_2: "8r/s"
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
DOCKER_HOST: "tcp://docker-proxy:2375"
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
|
||||
docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
|
||||
myjoomla:
|
||||
image: joomla:4-apache
|
||||
|
@ -35,19 +68,33 @@ services:
|
|||
- ./joomla-files:/var/www/html
|
||||
environment:
|
||||
- JOOMLA_DB_HOST=mydb
|
||||
- JOOMLA_DB_NAME=joomla_db
|
||||
- JOOMLA_DB_USER=user
|
||||
- JOOMLA_DB_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||
- JOOMLA_DB_NAME=${JOOMLA_DATABASE:-joomladb}
|
||||
- JOOMLA_DB_USER=${JOOMLA_USER:-user}
|
||||
- JOOMLA_DB_PASSWORD=${JOOMLA_PASSWORD:-secret} # set a stronger password in a .env file (must match MYSQL_PASSWORD)
|
||||
networks:
|
||||
- bw-services
|
||||
|
||||
mydb:
|
||||
image: mariadb
|
||||
volumes:
|
||||
- ./db-data:/var/lib/mysql
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${JOOMLA_USER:-user}\"; CREATE USER \"${JOOMLA_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${JOOMLA_DATABASE:-joomladb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${JOOMLA_DATABASE:-joomladb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw_data:
|
||||
bw-data:
|
||||
db-data:
|
||||
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
|
|
|
@ -1,9 +1,4 @@
|
|||
#!/bin/bash
|
||||
|
||||
if [ $(id -u) -ne 0 ] ; then
|
||||
echo "❌ Run me as root"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
helm repo add bitnami https://charts.bitnami.com/bitnami
|
||||
helm install -f joomla-chart-values.yml joomla bitnami/joomla
|
||||
helm install -f joomla-chart-values.yml joomla bitnami/joomla
|
||||
|
|
Loading…
Reference in New Issue