mirror of
https://github.com/bunkerity/bunkerized-nginx
synced 2023-12-13 21:30:18 +01:00
Fix already existing tests core linux
This commit is contained in:
parent
aeee38ad32
commit
91e5528a3f
|
@ -109,7 +109,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🤖 Up failed ❌"
|
||||
echo "🤖 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -30,7 +30,7 @@ else
|
|||
echo "AUTH_BASIC_LOCATION=sitewide" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "AUTH_BASIC_USER=bunkerity" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "AUTH_BASIC_PASSWORD=Secr3tP@ssw0rd" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
sudo wget -O /var/www/html/index.html https://github.com/nginxinc/NGINX-Demos/raw/master/nginx-hello-nonroot/html-version/index.html
|
||||
fi
|
||||
|
||||
manual=0
|
||||
|
@ -47,7 +47,7 @@ cleanup_stack () {
|
|||
sudo sed -i 's@USE_AUTH_BASIC=.*$@USE_AUTH_BASIC=no@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@AUTH_BASIC_LOCATION=.*$@AUTH_BASIC_LOCATION=sitewide@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@AUTH_BASIC_USER=.*$@AUTH_BASIC_USER=bunkerity@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@AUTH_BASIC_PASSWORD=.*$@AUTH_BASIC_PASSWORD=Secr3tP@ssw0rd@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@AUTH_BASIC_PASSWORD=.*$@AUTH_BASIC_PASSWORD=Secr3tP\@ssw0rd@' /etc/bunkerweb/variables.env
|
||||
unset USE_AUTH_BASIC
|
||||
unset AUTH_BASIC_LOCATION
|
||||
unset AUTH_BASIC_USER
|
||||
|
@ -136,7 +136,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🔐 Up failed ❌"
|
||||
echo "🔐 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
from contextlib import suppress
|
||||
from datetime import datetime
|
||||
from re import search
|
||||
from docker import DockerClient
|
||||
from os import getenv
|
||||
from requests import get
|
||||
|
@ -97,24 +98,34 @@ try:
|
|||
flush=True,
|
||||
)
|
||||
|
||||
docker_host = getenv("DOCKER_HOST", "unix:///var/run/docker.sock")
|
||||
docker_client = DockerClient(base_url=docker_host)
|
||||
|
||||
bw_instances = docker_client.containers.list(
|
||||
filters={"label": "bunkerweb.INSTANCE"}
|
||||
)
|
||||
|
||||
if not bw_instances:
|
||||
print("❌ BunkerWeb instance not found ...", flush=True)
|
||||
exit(1)
|
||||
|
||||
bw_instance = bw_instances[0]
|
||||
|
||||
found = False
|
||||
for log in bw_instance.logs(since=current_time).split(b"\n"):
|
||||
if b"decreased counter for IP 192.168.0.3 (0/10)" in log:
|
||||
found = True
|
||||
break
|
||||
if getenv("TEST_TYPE", "docker") == "docker":
|
||||
docker_host = getenv("DOCKER_HOST", "unix:///var/run/docker.sock")
|
||||
docker_client = DockerClient(base_url=docker_host)
|
||||
|
||||
bw_instances = docker_client.containers.list(
|
||||
filters={"label": "bunkerweb.INSTANCE"}
|
||||
)
|
||||
|
||||
if not bw_instances:
|
||||
print("❌ BunkerWeb instance not found ...", flush=True)
|
||||
exit(1)
|
||||
|
||||
bw_instance = bw_instances[0]
|
||||
|
||||
for log in bw_instance.logs(since=current_time).split(b"\n"):
|
||||
if b"decreased counter for IP 192.168.0.3 (0/10)" in log:
|
||||
found = True
|
||||
break
|
||||
else:
|
||||
with open("/var/log/bunkerweb/error.log", "r") as f:
|
||||
for line in f.readlines():
|
||||
if search(
|
||||
r"decreased counter for IP \d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3} \(0/10\)",
|
||||
line,
|
||||
):
|
||||
found = True
|
||||
break
|
||||
|
||||
if not found:
|
||||
print("❌ Bad Behavior's count time didn't changed ...", flush=True)
|
||||
|
|
|
@ -32,6 +32,7 @@ else
|
|||
echo "BAD_BEHAVIOR_THRESHOLD=10" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "BAD_BEHAVIOR_COUNT_TIME=60" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
export TEST_TYPE="linux"
|
||||
fi
|
||||
|
||||
manual=0
|
||||
|
@ -92,7 +93,7 @@ do
|
|||
find . -type f -name 'docker-compose.*' -exec sed -i 's@USE_BAD_BEHAVIOR: "yes"@USE_BAD_BEHAVIOR: "no"@' {} \;
|
||||
else
|
||||
sudo sed -i 's@USE_BAD_BEHAVIOR=.*$@USE_BAD_BEHAVIOR=no@' /etc/bunkerweb/variables.env
|
||||
unset USE_BAD_BEHAVIOR
|
||||
export USE_BAD_BEHAVIOR="no"
|
||||
fi
|
||||
elif [ "$test" = "status_codes" ] ; then
|
||||
echo "📟 Running tests with badbehavior's 403 status code removed from the list ..."
|
||||
|
@ -102,8 +103,8 @@ do
|
|||
else
|
||||
sudo sed -i 's@USE_BAD_BEHAVIOR=.*$@USE_BAD_BEHAVIOR=yes@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@BAD_BEHAVIOR_STATUS_CODES=.*$@BAD_BEHAVIOR_STATUS_CODES=400 401 404 405 429 444@' /etc/bunkerweb/variables.env
|
||||
unset USE_BAD_BEHAVIOR
|
||||
unset BAD_BEHAVIOR_STATUS_CODES
|
||||
export USE_BAD_BEHAVIOR="yes"
|
||||
export BAD_BEHAVIOR_STATUS_CODES="400 401 404 405 429 444"
|
||||
fi
|
||||
elif [ "$test" = "ban_time" ] ; then
|
||||
echo "📟 Running tests with badbehavior's ban time changed to 60 seconds ..."
|
||||
|
@ -113,8 +114,8 @@ do
|
|||
else
|
||||
sudo sed -i 's@BAD_BEHAVIOR_STATUS_CODES=.*$@BAD_BEHAVIOR_STATUS_CODES=400 401 403 404 405 429 444@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@BAD_BEHAVIOR_BAN_TIME=.*$@BAD_BEHAVIOR_BAN_TIME=60@' /etc/bunkerweb/variables.env
|
||||
unset BAD_BEHAVIOR_STATUS_CODES
|
||||
unset BAD_BEHAVIOR_BAN_TIME
|
||||
export BAD_BEHAVIOR_STATUS_CODES="400 401 403 404 405 429 444"
|
||||
export BAD_BEHAVIOR_BAN_TIME="60"
|
||||
fi
|
||||
elif [ "$test" = "threshold" ] ; then
|
||||
echo "📟 Running tests with badbehavior's threshold set to 20 ..."
|
||||
|
@ -124,8 +125,8 @@ do
|
|||
else
|
||||
sudo sed -i 's@BAD_BEHAVIOR_BAN_TIME=.*$@BAD_BEHAVIOR_BAN_TIME=86400@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@BAD_BEHAVIOR_THRESHOLD=.*$@BAD_BEHAVIOR_THRESHOLD=20@' /etc/bunkerweb/variables.env
|
||||
unset BAD_BEHAVIOR_BAN_TIME
|
||||
unset BAD_BEHAVIOR_THRESHOLD
|
||||
export BAD_BEHAVIOR_BAN_TIME="86400"
|
||||
export BAD_BEHAVIOR_THRESHOLD="20"
|
||||
fi
|
||||
elif [ "$test" = "count_time" ] ; then
|
||||
echo "📟 Running tests with badbehavior's count time set to 30 seconds ..."
|
||||
|
@ -135,8 +136,8 @@ do
|
|||
else
|
||||
sudo sed -i 's@BAD_BEHAVIOR_THRESHOLD=.*$@BAD_BEHAVIOR_THRESHOLD=10@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@BAD_BEHAVIOR_COUNT_TIME=.*$@BAD_BEHAVIOR_COUNT_TIME=30@' /etc/bunkerweb/variables.env
|
||||
unset BAD_BEHAVIOR_THRESHOLD
|
||||
unset BAD_BEHAVIOR_COUNT_TIME
|
||||
export BAD_BEHAVIOR_THRESHOLD="10"
|
||||
export BAD_BEHAVIOR_COUNT_TIME="30"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
@ -157,7 +158,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "📟 Up failed ❌"
|
||||
echo "📟 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -97,7 +97,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "📦 Up failed ❌"
|
||||
echo "📦 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
100
tests/core/bwcli/linux.py
Normal file
100
tests/core/bwcli/linux.py
Normal file
|
@ -0,0 +1,100 @@
|
|||
from subprocess import PIPE, Popen
|
||||
from traceback import format_exc
|
||||
|
||||
try:
|
||||
print(
|
||||
'ℹ️ Executing the command "bwcli ban 127.0.0.1 -exp 3600" ...',
|
||||
flush=True,
|
||||
)
|
||||
|
||||
result = Popen(
|
||||
["bwcli", "ban", "127.0.0.1", "-exp", "3600"],
|
||||
stderr=PIPE,
|
||||
stdout=PIPE,
|
||||
)
|
||||
_, err = result.communicate()
|
||||
|
||||
if result.returncode != 0:
|
||||
print(
|
||||
f'❌ Command "ban" failed, exiting ...\noutput: {err.decode()}\nexit_code: {result.returncode}'
|
||||
)
|
||||
exit(1)
|
||||
|
||||
print(err.decode(), flush=True)
|
||||
|
||||
print(
|
||||
'ℹ️ Executing the command "bwcli bans" and checking the result ...',
|
||||
flush=True,
|
||||
)
|
||||
|
||||
result = Popen(["bwcli", "bans"], stderr=PIPE, stdout=PIPE)
|
||||
_, err = result.communicate()
|
||||
|
||||
if result.returncode != 0:
|
||||
print(
|
||||
f'❌ Command "bans" failed, exiting ...\noutput: {err.decode()}\nexit_code: {result.returncode}'
|
||||
)
|
||||
exit(1)
|
||||
|
||||
if b"- 127.0.0.1" not in err:
|
||||
print(
|
||||
f'❌ IP 127.0.0.1 not found in the output of "bans", exiting ...\noutput: {err.decode()}'
|
||||
)
|
||||
exit(1)
|
||||
elif b"List of bans for redis:" not in err:
|
||||
print(
|
||||
f'❌ Redis ban list not found in the output of "bans", exiting ...\noutput: {err.decode()}'
|
||||
)
|
||||
exit(1)
|
||||
elif b"1 hour" not in err and b"59 minutes" not in err:
|
||||
print(f"❌ Ban duration isn't 1 hour, exiting ...\noutput: {err.decode()}")
|
||||
exit(1)
|
||||
|
||||
print(
|
||||
'ℹ️ Executing the command "bwcli unban 127.0.0.1" ...',
|
||||
flush=True,
|
||||
)
|
||||
|
||||
result = Popen(["bwcli", "unban", "127.0.0.1"], stderr=PIPE, stdout=PIPE)
|
||||
_, err = result.communicate()
|
||||
|
||||
if result.returncode != 0:
|
||||
print(
|
||||
f'❌ Command "unban" failed, exiting ...\noutput: {err.decode()}\nexit_code: {result.returncode}'
|
||||
)
|
||||
exit(1)
|
||||
|
||||
print(err.decode(), flush=True)
|
||||
|
||||
print(
|
||||
'ℹ️ Executing the command "bwcli bans" to check if the IP was unbanned ...',
|
||||
flush=True,
|
||||
)
|
||||
|
||||
result = Popen(["bwcli", "bans"], stderr=PIPE, stdout=PIPE)
|
||||
_, err = result.communicate()
|
||||
|
||||
if result.returncode != 0:
|
||||
print(
|
||||
f'❌ Command "bans" failed, exiting ...\noutput: {err.decode()}\nexit_code: {result.returncode}'
|
||||
)
|
||||
exit(1)
|
||||
|
||||
found = 0
|
||||
for line in err.splitlines():
|
||||
if b"No ban found" in line:
|
||||
found += 1
|
||||
|
||||
if found < 2:
|
||||
print(
|
||||
f"❌ IP 127.0.0.1 was not unbanned from both redis and the local ban list, exiting ...\noutput: {err.decode()}",
|
||||
flush=True,
|
||||
)
|
||||
exit(1)
|
||||
|
||||
print(err.decode(), flush=True)
|
||||
except SystemExit:
|
||||
exit(1)
|
||||
except:
|
||||
print(f"❌ Something went wrong, exiting ...\n{format_exc()}", flush=True)
|
||||
exit(1)
|
|
@ -28,7 +28,7 @@ else
|
|||
sudo systemctl stop bunkerweb
|
||||
|
||||
echo "⌨️ Installing Redis ..."
|
||||
sudo apt install -y redis
|
||||
sudo apt install --no-install-recommends -y redis
|
||||
redis-server --daemonize yes
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "⌨️ Redis start failed ❌"
|
||||
|
@ -38,6 +38,8 @@ else
|
|||
|
||||
echo "USE_REDIS=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "REDIS_HOST=127.0.0.1" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
export USE_REDIS="yes"
|
||||
export REDIS_HOST="127.0.0.1"
|
||||
sudo touch /var/www/html/index.html
|
||||
fi
|
||||
|
||||
|
@ -81,7 +83,7 @@ if [ "$integration" == "docker" ] ; then
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "⌨️ Up failed ❌"
|
||||
echo "⌨️ Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
@ -138,7 +140,7 @@ fi
|
|||
if [ "$integration" == "docker" ] ; then
|
||||
docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests
|
||||
else
|
||||
python3 main.py
|
||||
python3 linux.py
|
||||
fi
|
||||
|
||||
if [ $? -ne 0 ] ; then
|
||||
|
|
|
@ -31,6 +31,7 @@ else
|
|||
echo "CLIENT_CACHE_ETAG=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "CLIENT_CACHE_CONTROL=public, max-age=15552000" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
sudo cp image.png /var/www/html/image.png
|
||||
fi
|
||||
|
||||
manual=0
|
||||
|
@ -139,7 +140,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "📝 Up failed ❌"
|
||||
echo "📝 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -177,7 +177,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🛰️ Up failed ❌"
|
||||
echo "🛰️ Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -26,21 +26,9 @@ if [ "$integration" = "docker" ] ; then
|
|||
fi
|
||||
else
|
||||
sudo systemctl stop bunkerweb
|
||||
|
||||
echo "🔏 Installing openssl ..."
|
||||
sudo apt-get install openssl -y
|
||||
|
||||
echo "🔏 Generating certificate for www.example.com ..."
|
||||
openssl req -nodes -x509 -newkey rsa:4096 -keyout /tmp/privatekey.key -out /tmp/certificate.pem -days 365 -subj /CN=www.example.com/
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🔏 Certificate generation failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
sudo chmod 777 /tmp/privatekey.key /tmp/certificate.pem
|
||||
|
||||
echo "USE_CUSTOM_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "CUSTOM_SSL_CERT=/tmp/certificate.pem" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "CUSTOM_SSL_KEY=/tmp/certificate.key" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "CUSTOM_SSL_KEY=/tmp/privatekey.key" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
sudo touch /var/www/html/index.html
|
||||
fi
|
||||
|
||||
|
@ -99,6 +87,17 @@ if [ "$integration" == "docker" ] ; then
|
|||
echo "🔏 privatekey.key not found ❌"
|
||||
exit 1
|
||||
fi
|
||||
else
|
||||
echo "🔏 Installing openssl ..."
|
||||
sudo apt-get install openssl -y
|
||||
|
||||
echo "🔏 Generating certificate for www.example.com ..."
|
||||
openssl req -nodes -x509 -newkey rsa:4096 -keyout /tmp/privatekey.key -out /tmp/certificate.pem -days 365 -subj /CN=www.example.com/
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🔏 Certificate generation failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
sudo chmod 777 /tmp/privatekey.key /tmp/certificate.pem
|
||||
fi
|
||||
|
||||
for test in "deactivated" "activated"
|
||||
|
@ -132,7 +131,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "🔏 Up failed ❌"
|
||||
echo "🔏 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
|
@ -32,7 +32,10 @@ from bunkerweb.db.model import (
|
|||
try:
|
||||
database_uri = getenv("DATABASE_URI", "sqlite:////var/lib/bunkerweb/db.sqlite3")
|
||||
|
||||
if database_uri == "sqlite:////var/lib/bunkerweb/db.sqlite3":
|
||||
if (
|
||||
getenv("TEST_TYPE", "docker") == "docker"
|
||||
and database_uri == "sqlite:////var/lib/bunkerweb/db.sqlite3"
|
||||
):
|
||||
database_uri = "sqlite:////data/lib/db.sqlite3"
|
||||
|
||||
error = False
|
||||
|
@ -584,7 +587,9 @@ try:
|
|||
service_custom_configs[custom_conf[3]] = {
|
||||
"value": environ[env].encode(),
|
||||
"type": custom_conf[2].lower(),
|
||||
"method": "scheduler",
|
||||
"method": "manual"
|
||||
if getenv("TEST_TYPE", "docker") == "linux"
|
||||
else "scheduler",
|
||||
"checked": False,
|
||||
}
|
||||
continue
|
||||
|
@ -592,7 +597,9 @@ try:
|
|||
global_custom_configs[custom_conf[3]] = {
|
||||
"value": environ[env].encode(),
|
||||
"type": custom_conf[2].lower(),
|
||||
"method": "scheduler",
|
||||
"method": "manual"
|
||||
if getenv("TEST_TYPE", "docker") == "linux"
|
||||
else "scheduler",
|
||||
"checked": False,
|
||||
}
|
||||
|
||||
|
@ -651,6 +658,8 @@ try:
|
|||
elif (
|
||||
custom_config.data.replace(b"# CREATED BY ENV\n", b"")
|
||||
!= current_custom_configs[custom_config.name]["value"]
|
||||
and custom_config.data.replace(b"# CREATED BY ENV\n", b"")
|
||||
!= current_custom_configs[custom_config.name]["value"] + b"\n"
|
||||
):
|
||||
print(
|
||||
f"❌ The custom config {custom_config.name} is in the database but the value differ, exiting ...\n{custom_config.data} (database) != {current_custom_configs[custom_config.name]['value']} (env)",
|
||||
|
|
|
@ -36,19 +36,21 @@ if [ "$integration" = "docker" ] ; then
|
|||
fi
|
||||
else
|
||||
sudo systemctl stop bunkerweb
|
||||
sudo sed -i 's@SERVER_NAME=.*$@SERVER_NAME=bwadm.example.com@' /etc/bunkerweb/variables.env
|
||||
echo "MULTISITE=no" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "USE_REVERSE_PROXY=yes" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "REVERSE_PROXY_HOST=http://app1:8080" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "REVERSE_PROXY_URL=/" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "DATABASE_URI=sqlite:////var/ib/bunkerweb/db.sqlite3" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo "DATABASE_URI=sqlite:////var/lib/bunkerweb/db.sqlite3" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo 'SecRule REQUEST_FILENAME "@rx ^/db" "id:10000,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"' | sudo tee /etc/bunkerweb/configs/modsec/test_custom_conf.conf
|
||||
sudo chown -R nginx:nginx /etc/bunkerweb
|
||||
sudo chmod 777 /etc/bunkerweb/configs/modsec/test_custom_conf.conf
|
||||
sudo touch /var/www/html/index.html
|
||||
|
||||
export TEST_TYPE="linux"
|
||||
export GLOBAL_SERVER_NAME="bwadm.example.com"
|
||||
export GLOBAL_API_WHITELIST_IP="127.0.0.0/8"
|
||||
export GLOBAL_HTTP_PORT="80"
|
||||
export GLOBAL_HTTPS_PORT="433"
|
||||
export GLOBAL_HTTPS_PORT="443"
|
||||
export GLOBAL_DNS_RESOLVERS="9.9.9.9 8.8.8.8 8.8.4.4"
|
||||
export GLOBAL_LOG_LEVEL="info"
|
||||
export GLOBAL_USE_BUNKERNET="no"
|
||||
|
@ -92,24 +94,24 @@ cleanup_stack () {
|
|||
sed -i '20d' docker-compose.test.yml
|
||||
fi
|
||||
else
|
||||
sudo rm -rf /etc/bunkerweb/plugins
|
||||
sed -i 's@MULTISITE=.*$@MULTISITE=no@' /etc/bunkerweb/variables.env
|
||||
sed -i 's@DATABASE_URI=.*$@DATABASE_URI=sqlite:////var/lib/bunkerweb/db.sqlite3@' /etc/bunkerweb/variables.env
|
||||
sed -i 's@bwadm.example.com_@@g' /etc/bunkerweb/variables.env
|
||||
sudo rm -rf /etc/bunkerweb/plugins/*
|
||||
sudo sed -i 's@MULTISITE=.*$@MULTISITE=no@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@DATABASE_URI=.*$@DATABASE_URI=sqlite:////var/lib/bunkerweb/db.sqlite3@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@bwadm.example.com_@@g' /etc/bunkerweb/variables.env
|
||||
|
||||
if [[ $(sudo tail -n 1 /etc/bunkerweb/variables.env) = "SERVER_NAME=bwadm.example.com" ]] ; then
|
||||
sudo sed -i '$ d' /etc/bunkerweb/variables.env
|
||||
fi
|
||||
|
||||
unset GLOBAL_MULTISITE
|
||||
unset SERVICE_USE_REVERSE_PROXY
|
||||
unset SERVICE_REVERSE_PROXY_HOST
|
||||
unset SERVICE_REVERSE_PROXY_URL
|
||||
unset CUSTOM_CONF_SERVICE_MODSEC_CRS_test_service_conf
|
||||
export GLOBAL_SERVER_NAME="bwadm.example.com"
|
||||
export GLOBAL_USE_REVERSE_PROXY="yes"
|
||||
export GLOBAL_REVERSE_PROXY_HOST="http://app1:8080"
|
||||
export GLOBAL_REVERSE_PROXY_URL="/"
|
||||
sudo rm -f /etc/bunkerweb/configs/modsec-crs/test_service_conf.conf
|
||||
sudo rm -f /etc/bunkerweb/configs/modsec-crs/bwadm.example.com/test_service_conf.conf
|
||||
fi
|
||||
if [[ $end -eq 1 && $exit_code = 0 ]] ; then
|
||||
return
|
||||
|
@ -193,8 +195,8 @@ else
|
|||
|
||||
echo "💾 Extracting ClamAV plugin ..."
|
||||
mkdir external
|
||||
sudo cp -r bunkerweb-plugins/clamav external/
|
||||
sudo cp -r external/clamav /etc/bunkerweb/plugins/
|
||||
sudo cp -r bunkerweb-plugins/clamav external/clamav
|
||||
sudo cp -r external/clamav /etc/bunkerweb/plugins/clamav
|
||||
rm -rf bunkerweb-plugins
|
||||
|
||||
echo "💾 Extracting settings.json file, db and core directory ..."
|
||||
|
@ -215,8 +217,10 @@ fi
|
|||
|
||||
for test in $tests
|
||||
do
|
||||
echo "💾 Creating the bw-docker network ..."
|
||||
docker network create bw-docker
|
||||
if [ "$integration" == "docker" ] ; then
|
||||
echo "💾 Creating the bw-docker network ..."
|
||||
docker network create bw-docker
|
||||
fi
|
||||
|
||||
if [ "$test" = "local" ] ; then
|
||||
echo "💾 Running tests with a local database ..."
|
||||
|
@ -235,13 +239,17 @@ do
|
|||
sed -i 's@GLOBAL_REVERSE_PROXY_URL@SERVICE_REVERSE_PROXY_URL@' docker-compose.test.yml
|
||||
sed -i 's@GLOBAL_SERVER_NAME@SERVICE_SERVER_NAME@' docker-compose.test.yml
|
||||
else
|
||||
sed -i 's@MULTISITE=.*$@MULTISITE=yes@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@MULTISITE=.*$@MULTISITE=yes@' /etc/bunkerweb/variables.env
|
||||
echo "bwadm.example.com_SERVER_NAME=bwadm.example.com" | sudo tee -a /etc/bunkerweb/variables.env
|
||||
echo 'SecRule REQUEST_FILENAME "@rx ^/test" "id:10001,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"' | sudo tee /etc/bunkerweb/configs/modsec-crs/test_service_conf.conf
|
||||
sed -i 's@USE_REVERSE_PROXY@bwadm.example.com_USE_REVERSE_PROXY@' /etc/bunkerweb/variables.env
|
||||
sed -i 's@REVERSE_PROXY_HOST@bwadm.example.com_REVERSE_PROXY_HOST@' /etc/bunkerweb/variables.env
|
||||
sed -i 's@REVERSE_PROXY_URL@bwadm.example.com_REVERSE_PROXY_URL@' /etc/bunkerweb/variables.env
|
||||
sudo mkdir -p /etc/bunkerweb/configs/modsec-crs/bwadm.example.com
|
||||
echo 'SecRule REQUEST_FILENAME "@rx ^/test" "id:10001,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"' | sudo tee /etc/bunkerweb/configs/modsec-crs/bwadm.example.com/test_service_conf.conf
|
||||
sudo chown -R nginx:nginx /etc/bunkerweb
|
||||
sudo chmod 777 /etc/bunkerweb/configs/modsec-crs/bwadm.example.com/test_service_conf.conf
|
||||
sudo sed -i 's@USE_REVERSE_PROXY@bwadm.example.com_USE_REVERSE_PROXY@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REVERSE_PROXY_HOST@bwadm.example.com_REVERSE_PROXY_HOST@' /etc/bunkerweb/variables.env
|
||||
sudo sed -i 's@REVERSE_PROXY_URL@bwadm.example.com_REVERSE_PROXY_URL@' /etc/bunkerweb/variables.env
|
||||
|
||||
export GLOBAL_MULTISITE="yes"
|
||||
export CUSTOM_CONF_SERVICE_MODSEC_CRS_test_service_conf='SecRule REQUEST_FILENAME "@rx ^/test" "id:10001,ctl:ruleRemoveByTag=attack-generic,ctl:ruleRemoveByTag=attack-protocol,nolog"'
|
||||
export SERVICE_USE_REVERSE_PROXY=$GLOBAL_USE_REVERSE_PROXY
|
||||
export SERVICE_REVERSE_PROXY_HOST=$GLOBAL_REVERSE_PROXY_HOST
|
||||
|
@ -250,7 +258,6 @@ do
|
|||
unset GLOBAL_USE_REVERSE_PROXY
|
||||
unset GLOBAL_REVERSE_PROXY_HOST
|
||||
unset GLOBAL_REVERSE_PROXY_URL
|
||||
unset GLOBAL_SERVER_NAME
|
||||
fi
|
||||
elif [ "$test" = "mariadb" ] ; then
|
||||
echo "💾 Running tests with MariaDB database ..."
|
||||
|
@ -344,7 +351,7 @@ do
|
|||
else
|
||||
sudo systemctl start bunkerweb
|
||||
if [ $? -ne 0 ] ; then
|
||||
echo "💾 Up failed ❌"
|
||||
echo "💾 Start failed ❌"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue