fix multiple CVE with curl/libcurl and add autoconf/docker CUSTOM_CONF configs examples
This commit is contained in:
parent
2dc18a7942
commit
8f258486ef
|
@ -74,6 +74,8 @@ RUN apk add --no-cache bash python3 libgcc libstdc++ openssl git && \
|
|||
|
||||
# Fix CVE-2022-27405 and CVE-2022-27406
|
||||
RUN apk add "freetype>=2.10.4-r3"
|
||||
# Fix multiple CVE for curl/libcurl
|
||||
RUN apk add "curl>=7.79.1-r2" "libcurl>=7.79.1-r2"
|
||||
|
||||
VOLUME /data
|
||||
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
|
||||
myapp1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp1
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app1.example.com" # replace with your domain
|
||||
- "bunkerweb.USE_REVERSE_PROXY=yes"
|
||||
- "bunkerweb.REVERSE_PROXY_URL=/"
|
||||
- "bunkerweb.REVERSE_PROXY_HOST=http://myapp1"
|
||||
- |
|
||||
CUSTOM_CONF_SERVER_HTTP_example=
|
||||
location /hello {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('hello app1')
|
||||
}
|
||||
}
|
||||
|
||||
myapp2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp2
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app2.example.com" # replace with your domain
|
||||
- "bunkerweb.USE_REVERSE_PROXY=yes"
|
||||
- "bunkerweb.REVERSE_PROXY_URL=/"
|
||||
- "bunkerweb.REVERSE_PROXY_HOST=http://myapp2"
|
||||
- |
|
||||
CUSTOM_CONF_SERVER_HTTP_example=
|
||||
location /hello {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('hello app2')
|
||||
}
|
||||
}
|
||||
|
||||
myapp3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp3
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app3.example.com" # replace with your domain
|
||||
- "bunkerweb.USE_REVERSE_PROXY=yes"
|
||||
- "bunkerweb.REVERSE_PROXY_URL=/"
|
||||
- "bunkerweb.REVERSE_PROXY_HOST=http://myapp3"
|
||||
- |
|
||||
CUSTOM_CONF_SERVER_HTTP_example=
|
||||
location /hello {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('hello app3')
|
||||
}
|
||||
}
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
external:
|
||||
name: bw-services
|
|
@ -0,0 +1,65 @@
|
|||
version: "3"
|
||||
|
||||
services:
|
||||
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.4.2
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw_data:/data
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com # replace with your domains
|
||||
- SERVE_FILES=no
|
||||
- DISABLE_DEFAULT_SERVER=yes
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
- USE_GZIP=yes
|
||||
- USE_REVERSE_PROXY=yes
|
||||
- app1.example.com_REVERSE_PROXY_URL=/
|
||||
- app1.example.com_REVERSE_PROXY_HOST=http://app1
|
||||
- app2.example.com_REVERSE_PROXY_URL=/
|
||||
- app2.example.com_REVERSE_PROXY_HOST=http://app2
|
||||
# global config applied at server context
|
||||
- |
|
||||
CUSTOM_CONF_SERVER_HTTP_hello-world=
|
||||
location /hello {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('world')
|
||||
}
|
||||
}
|
||||
# site configs applied at server context
|
||||
- |
|
||||
app1.example.com_CUSTOM_CONF_SERVER_HTTP_dummy=
|
||||
location /app1 {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('hello app1')
|
||||
}
|
||||
}
|
||||
- |
|
||||
app2.example.com_CUSTOM_CONF_SERVER_HTTP_dummy=
|
||||
location /app2 {
|
||||
default_type 'text/plain';
|
||||
content_by_lua_block {
|
||||
ngx.say('hello app2')
|
||||
}
|
||||
}
|
||||
|
||||
myapp1:
|
||||
image: tutum/hello-world
|
||||
|
||||
myapp2:
|
||||
image: tutum/hello-world
|
||||
|
||||
volumes:
|
||||
bw-data:
|
|
@ -102,6 +102,9 @@ single_autoconf_test "autoconf-reverse-proxy" "60" "https://$TEST_DOMAIN1_1 hell
|
|||
# php
|
||||
single_autoconf_test "autoconf-php" "60" "https://$TEST_DOMAIN1_1 app1" "https://$TEST_DOMAIN1_2 app2" "https://$TEST_DOMAIN1_3 app3"
|
||||
|
||||
# configs
|
||||
single_docker_test "autoconf-configs" "60" "https://$TEST_DOMAIN1/hello app1" "https://$TEST_DOMAIN2/hello app2" "https://$TEST_DOMAIN3/hello app3"
|
||||
|
||||
# cleanup
|
||||
current_dir="$(pwd)"
|
||||
cd "/tmp/autoconf"
|
||||
|
|
|
@ -58,6 +58,9 @@ single_docker_test "authelia" "60" "https://$TEST_DOMAIN1_1 authelia" "https://$
|
|||
# drupal
|
||||
single_docker_test "drupal" "60" "https://$TEST_DOMAIN1 drupal"
|
||||
|
||||
# docker configs
|
||||
single_docker_test "docker-configs" "30" "https://$TEST_DOMAIN1_1/hello world" "https://$TEST_DOMAIN1_2/hello world" "https://$TEST_DOMAIN1/app1 app1" "https://$TEST_DOMAIN1/app2 app2"
|
||||
|
||||
# ghost
|
||||
single_docker_test "ghost" "30" "https://$TEST_DOMAIN1 ghost"
|
||||
|
||||
|
|
Loading…
Reference in New Issue