init work on examples refactoring
This commit is contained in:
parent
0210ddd886
commit
966f57ceaa
|
@ -25,9 +25,11 @@ jobs:
|
|||
username: registry
|
||||
password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
|
||||
- name: Pull BW image
|
||||
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging local/bunkerweb-tests:latest
|
||||
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging bunkerweb-tests
|
||||
- name: Pull Scheduler image
|
||||
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging local/scheduler-tests:latest
|
||||
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging scheduler-tests
|
||||
- name: Pull UI image
|
||||
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/ui-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/ui-tests:staging ui-tests
|
||||
# Do tests
|
||||
- name: Run tests
|
||||
run: ./tests/ui/tests.sh
|
||||
|
|
|
@ -11,14 +11,6 @@ services:
|
|||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=auth.example.com app1.example.com app2.example.com # replace with your domains
|
||||
|
@ -55,10 +47,22 @@ services:
|
|||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-docker
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
# APPLICATIONS
|
||||
app1:
|
||||
|
@ -75,7 +79,7 @@ services:
|
|||
image: authelia/authelia:4
|
||||
container_name: authelia
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
volumes:
|
||||
- ./authelia:/config
|
||||
restart: unless-stopped
|
||||
|
@ -88,7 +92,7 @@ services:
|
|||
image: redis:7-alpine
|
||||
container_name: redis
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
volumes:
|
||||
- ./redis:/data
|
||||
expose:
|
||||
|
@ -108,3 +112,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
bw-docker:
|
||||
|
|
|
@ -48,7 +48,7 @@ services:
|
|||
authelia:
|
||||
image: authelia/authelia:4
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
configs:
|
||||
- source: config_authelia_configuration
|
||||
target: /config/configuration.yml
|
||||
|
@ -78,7 +78,7 @@ services:
|
|||
redis:
|
||||
image: redis:7-alpine
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
volumes:
|
||||
- redis:/data
|
||||
environment:
|
||||
|
@ -89,13 +89,6 @@ services:
|
|||
- "node.role==worker"
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
external:
|
||||
name: bw-universe
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
external:
|
||||
name: bw-services
|
||||
|
|
|
@ -2,10 +2,7 @@ version: "3.4"
|
|||
|
||||
services:
|
||||
mybunker:
|
||||
# image: bunkerity/bunkerweb:1.5.0
|
||||
build:
|
||||
context: ../..
|
||||
dockerfile: src/bw/Dockerfile
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
|
@ -14,12 +11,6 @@ services:
|
|||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=auth.example.com app1.example.com app2.example.com # replace with your domains
|
||||
|
@ -62,17 +53,25 @@ services:
|
|||
- app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
|
||||
|
||||
bw-scheduler:
|
||||
# image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
build:
|
||||
context: ../..
|
||||
dockerfile: src/scheduler/Dockerfile
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-docker
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- bw-docker
|
||||
|
||||
# APPLICATIONS
|
||||
app1:
|
||||
|
@ -191,3 +190,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
bw-docker:
|
||||
|
|
|
@ -12,7 +12,7 @@ services:
|
|||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app1.example.com" # replace with your domain
|
||||
- "bunkerweb.REMOTE_PHP=myapp1"
|
||||
|
@ -24,12 +24,12 @@ services:
|
|||
bw-services:
|
||||
aliases:
|
||||
- myapp2
|
||||
# ⚠️ UID and GID of mywww (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app2.example.com" # replace with your domain
|
||||
- "bunkerweb.REMOTE_PHP=myapp2"
|
||||
|
@ -41,12 +41,12 @@ services:
|
|||
bw-services:
|
||||
aliases:
|
||||
- myapp3
|
||||
# ⚠️ UID and GID of mywww (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
labels:
|
||||
- "bunkerweb.SERVER_NAME=app3.example.com" # replace with your domain
|
||||
- "bunkerweb.REMOTE_PHP=myapp3"
|
||||
|
|
|
@ -5,9 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
chown -R 101:101 bw-data
|
||||
find ./bw-data/ -type f -exec chmod 0640 {} \;
|
||||
find ./bw-data/ -type d -exec chmod 0750 {} \;
|
||||
chown -R 101:33 ./bw-data/www
|
||||
find ./bw-data/www -type f -exec chmod 0660 {} \;
|
||||
find ./bw-data/www -type d -exec chmod 0770 {} \;
|
||||
chown -R 101:33 ./www
|
||||
find ./www -type f -exec chmod 0660 {} \;
|
||||
find ./www -type d -exec chmod 0770 {} \;
|
|
@ -3,14 +3,6 @@ version: "3"
|
|||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domains
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
|
@ -37,21 +29,21 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myproxy:
|
||||
image: haproxy:2.7.0
|
||||
|
@ -82,4 +74,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.10.10.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -31,52 +31,44 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=${DOMAIN}
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.7.7.0/24
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
- AUTO_LETS_ENCRYPT=yes
|
||||
- USE_CLIENT_CACHE=yes
|
||||
- USE_GZIP=yes
|
||||
- USE_REVERSE_PROXY=yes
|
||||
- REVERSE_PROXY_WS=yes
|
||||
- REVERSE_PROXY_URL=/
|
||||
- REVERSE_PROXY_HOST=http://10.7.7.253:48087
|
||||
- REVERSE_PROXY_HOST=http://10.7.7.253:8080
|
||||
labels:
|
||||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
# You have to put this IP address in your docker-compose.yml file
|
||||
networks:
|
||||
bbb-net:
|
||||
ipv4_address: 10.7.7.254
|
||||
bw-universe:
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
bbb-net:
|
||||
ipv4_address: 10.7.7.42
|
||||
net-docker:
|
||||
bw-universe:
|
||||
bw-docker:
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
...
|
||||
|
||||
|
@ -86,4 +78,9 @@ volumes:
|
|||
|
||||
networks:
|
||||
...
|
||||
net-docker:
|
||||
bw-universe:
|
||||
ipam:
|
||||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-docker:
|
|
@ -6,14 +6,8 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
|
||||
|
@ -36,31 +30,29 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-cloudflare:v2.0.0
|
||||
|
@ -76,17 +68,17 @@ services:
|
|||
app1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
app3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
@ -98,7 +90,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -6,14 +6,8 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
|
||||
|
@ -36,31 +30,29 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-digitalocean:v2.0.0
|
||||
|
@ -76,17 +68,17 @@ services:
|
|||
app1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
app3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
@ -98,7 +90,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -6,14 +6,8 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
|
||||
|
@ -36,31 +30,29 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-google:v2.0.0
|
||||
|
@ -76,17 +68,17 @@ services:
|
|||
app1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
app3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
@ -98,7 +90,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -6,14 +6,7 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
|
@ -37,30 +30,29 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-ovh:v2.0.0
|
||||
|
@ -76,17 +68,17 @@ services:
|
|||
app1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
app3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
@ -98,7 +90,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -6,14 +6,7 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
|
@ -37,30 +30,29 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bbw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
- certs:/certs
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mycertbot:
|
||||
image: certbot/dns-google:v2.0.0
|
||||
|
@ -76,17 +68,17 @@ services:
|
|||
app1:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
app2:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
app3:
|
||||
image: tutum/hello-world
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
|
@ -98,7 +90,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -2,17 +2,17 @@ version: "3"
|
|||
|
||||
services:
|
||||
myapp1:
|
||||
image: php:fpm-alpine3.17
|
||||
image: php:fpm
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp1
|
||||
# ⚠️ UID and GID of mywww (101:101) and php:fpm (82:82) are not the same ⚠️
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
labels:
|
||||
- bunkerweb.SERVER_NAME=app1.example.com
|
||||
- bunkerweb.USE_CORS=yes
|
||||
|
@ -21,34 +21,34 @@ services:
|
|||
- bunkerweb.REMOTE_PHP_PATH=/app
|
||||
|
||||
myapp2:
|
||||
image: php:fpm-alpine3.17
|
||||
image: php:fpm-alpine
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp2
|
||||
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm (82:82) are not the same ⚠️
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
labels:
|
||||
- bunkerweb.SERVER_NAME=app2.example.com
|
||||
- bunkerweb.REMOTE_PHP=myapp2
|
||||
- bunkerweb.REMOTE_PHP_PATH=/app
|
||||
|
||||
myapp3:
|
||||
image: php:fpm-alpine3.17
|
||||
image: php:fpm-alpine
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- myapp3
|
||||
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm (82:82) are not the same ⚠️
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
labels:
|
||||
- bunkerweb.SERVER_NAME=app3.example.com
|
||||
- bunkerweb.REMOTE_PHP=myapp3
|
||||
|
|
|
@ -13,7 +13,7 @@ services:
|
|||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- ./bw-data:/data # contains web files (PHP, assets, ...), don't forget to rename the subfolders
|
||||
- ./www:/var/www/html
|
||||
environment:
|
||||
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
|
@ -35,63 +35,61 @@ services:
|
|||
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
|
||||
networks:
|
||||
- bw-universe
|
||||
- net_app1
|
||||
- net_app2
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
bw-scheduler:
|
||||
image: bunkerity/bunkerweb-scheduler:1.5.0
|
||||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- ./bw-data:/data
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myapp1:
|
||||
image: php:fpm-alpine3.17
|
||||
# ⚠️ UID and GID of mywww (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
|
||||
image: php:fpm
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
|
||||
networks:
|
||||
- net_app1
|
||||
- bw-services
|
||||
|
||||
myapp2:
|
||||
image: php:fpm-alpine3.17
|
||||
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
|
||||
image: php:fpm
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
|
||||
networks:
|
||||
- net_app2
|
||||
- bw-services
|
||||
|
||||
myapp3:
|
||||
image: php:fpm-alpine3.17
|
||||
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
|
||||
image: php:fpm
|
||||
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
|
||||
# but both needs access to the files and folders of web-files
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
|
||||
volumes:
|
||||
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
|
||||
networks:
|
||||
- net_app3
|
||||
- bw-services
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
|
@ -99,7 +97,5 @@ networks:
|
|||
driver: default
|
||||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
net-docker:
|
||||
net_app1:
|
||||
net_app2:
|
||||
net_app3:
|
||||
bw-docker:
|
||||
bw-services:
|
||||
|
|
|
@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
chown -R root:101 bw-data
|
||||
chmod -R 770 bw-data
|
||||
chown -R 82:101 ./bw-data/www
|
||||
find ./bw-data/www -type f -exec chmod 0640 {} \;
|
||||
find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
chown -R 33:101 ./www
|
||||
find ./www -type f -exec chmod 0640 {} \;
|
||||
find ./www -type d -exec chmod 0750 {} \;
|
|
@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
|
|||
exit 1
|
||||
fi
|
||||
|
||||
chown -R root:101 bw-data
|
||||
chmod -R 770 bw-data
|
||||
chown -R 82:101 ./bw-data/www
|
||||
find ./bw-data/www -type f -exec chmod 0640 {} \;
|
||||
find ./bw-data/www -type d -exec chmod 0750 {} \;
|
||||
chown -R 33:101 ./www
|
||||
find ./www -type f -exec chmod 0640 {} \;
|
||||
find ./www -type d -exec chmod 0750 {} \;
|
|
@ -13,7 +13,7 @@ else
|
|||
echo "❌ No PHP user found"
|
||||
exit 1
|
||||
fi
|
||||
cp -r ./bw-data/www/* /var/www/html
|
||||
cp -r ./www/* /var/www/html
|
||||
chown -R $user:nginx /var/www/html
|
||||
find /var/www/html -type f -exec chmod 0640 {} \;
|
||||
find /var/www/html -type d -exec chmod 0750 {} \;
|
|
@ -6,14 +6,6 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- MULTISITE=yes
|
||||
- SERVER_NAME=app1.example.com app2.example.com # replace with your domains
|
||||
|
@ -65,21 +57,21 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myapp1:
|
||||
image: tutum/hello-world
|
||||
|
@ -101,4 +93,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -23,7 +23,22 @@ services:
|
|||
- |
|
||||
CUSTOM_CONF_MODSEC_CRS_drupal=SecAction "id:900130,phase:1,nolog,pass,t:none,setvar:tx.crs_exclusions_drupal=1"
|
||||
|
||||
# For the database, you can refer to the example of the autoconf including a database
|
||||
mydb:
|
||||
image: mariadb:10.10
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- mydb
|
||||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
|
||||
volumes:
|
||||
db-data:
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
|
|
|
@ -1,24 +1,12 @@
|
|||
version: "3"
|
||||
|
||||
x-bunkerweb-env: &bunkerweb-env
|
||||
DATABASE_URI: "mariadb+pymysql://${DRUPAL_USER:-user}:${DRUPAL_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
|
||||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
SERVER_NAME: "www.example.com" # replace with your domain
|
||||
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
|
||||
SERVE_FILES: "no"
|
||||
|
@ -44,22 +32,21 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
DOCKER_HOST: "tcp://docker-proxy:2375"
|
||||
DOCKER_HOST: "tcp://bw-docker-proxy:2375"
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mydrupal:
|
||||
image: drupal:9.4-apache
|
||||
|
@ -76,10 +63,11 @@ services:
|
|||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${DRUPAL_USER:-user}\"; CREATE USER \"${DRUPAL_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${DRUPAL_DATABASE:-drupaldb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${DRUPAL_DATABASE:-drupaldb}.* TO \"${DRUPAL_USER:-user}\"@\"%\" IDENTIFIED BY \"${DRUPAL_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${DRUPAL_USER:-user}\"@\"%\" IDENTIFIED BY \"${DRUPAL_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
|
@ -93,4 +81,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -23,7 +23,21 @@ services:
|
|||
- bunkerweb.LIMIT_REQ_URL_1=/core/install.php
|
||||
- bunkerweb.LIMIT_REQ_RATE_1=5r/s
|
||||
|
||||
# For the database, you can refer to the swarm example including a database
|
||||
mydb:
|
||||
image: mariadb:10.10
|
||||
networks:
|
||||
- bw-services
|
||||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=drupaldb
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.role==worker"
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
|
|
|
@ -4,7 +4,7 @@ services:
|
|||
myghost:
|
||||
image: ghost:5.25-alpine
|
||||
volumes:
|
||||
- ./ghost_data:/var/lib/ghost/content
|
||||
- ghost-data:/var/lib/ghost/content
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
|
@ -18,6 +18,9 @@ services:
|
|||
- bunkerweb.REVERSE_PROXY_URL=/
|
||||
- bunkerweb.REVERSE_PROXY_HOST=http://myghost:2368
|
||||
|
||||
volumes:
|
||||
ghost-data:
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
external:
|
||||
|
|
|
@ -6,14 +6,6 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
|
@ -36,26 +28,26 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myghost:
|
||||
image: ghost:5.25-alpine
|
||||
volumes:
|
||||
- ./ghost-data:/var/lib/ghost/content
|
||||
- ghost-data:/var/lib/ghost/content
|
||||
environment:
|
||||
- url=https://www.example.com # replace with your domain
|
||||
- NODE_ENV=development
|
||||
|
@ -64,6 +56,7 @@ services:
|
|||
|
||||
volumes:
|
||||
bw-data:
|
||||
ghost-data:
|
||||
|
||||
networks:
|
||||
bw-universe:
|
||||
|
@ -72,4 +65,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -6,14 +6,6 @@ services:
|
|||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
|
@ -40,21 +32,21 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
mygogs:
|
||||
image: gogs/gogs:0.12
|
||||
|
@ -73,4 +65,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -15,18 +15,11 @@ services:
|
|||
tmpfs:
|
||||
- /tmp:mode=0770,uid=0,gid=101
|
||||
- /var/tmp/bunkerweb:mode=0770,uid=0,gid=101
|
||||
- /var/cache/bunkerweb:mode=0770,uid=0,gid=101
|
||||
- /etc/nginx:mode=0770,uid=0,gid=101
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
- SERVER_NAME=www.example.com # replace with your domain
|
||||
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
|
||||
|
@ -49,21 +42,21 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
- DOCKER_HOST=tcp://docker-proxy:2375
|
||||
- DOCKER_HOST=tcp://bw-docker-proxy:2375
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myapp:
|
||||
image: tutum/hello-world
|
||||
|
@ -80,4 +73,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -8,7 +8,7 @@ services:
|
|||
aliases:
|
||||
- myjoomla
|
||||
volumes:
|
||||
- ./joomla-files:/var/www/html
|
||||
- joomla-data:/var/www/html
|
||||
environment:
|
||||
- JOOMLA_DB_HOST=mydb
|
||||
- JOOMLA_DB_NAME=joomla_db
|
||||
|
@ -24,7 +24,23 @@ services:
|
|||
- bunkerweb.LIMIT_REQ_URL_2=/installation/index.php
|
||||
- bunkerweb.LIMIT_REQ_RATE_2=8r/s
|
||||
|
||||
# For the database, you can refer to the autoconf integration example including a database
|
||||
mydb:
|
||||
image: mariadb
|
||||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
networks:
|
||||
bw-services:
|
||||
aliases:
|
||||
- mydb
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
|
||||
volumes:
|
||||
joomla-data:
|
||||
db-data:
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
|
|
|
@ -1,24 +1,12 @@
|
|||
version: "3"
|
||||
|
||||
x-bunkerweb-env: &bunkerweb-env
|
||||
DATABASE_URI: "mariadb+pymysql://${JOOMLA_USER:-user}:${JOOMLA_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
|
||||
|
||||
services:
|
||||
mybunker:
|
||||
image: bunkerity/bunkerweb:1.5.0
|
||||
ports:
|
||||
- 80:8080
|
||||
- 443:8443
|
||||
# ⚠️ read this if you use local folders for volumes ⚠️
|
||||
# bunkerweb runs as an unprivileged user with UID/GID 101
|
||||
# don't forget to edit the permissions of the files and folders accordingly
|
||||
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
|
||||
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
|
||||
# more info at https://docs.bunkerweb.io
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
SERVER_NAME: "www.example.com" # replace with your domain
|
||||
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
|
||||
AUTO_LETS_ENCRYPT: "yes"
|
||||
|
@ -44,27 +32,26 @@ services:
|
|||
depends_on:
|
||||
- mybunker
|
||||
environment:
|
||||
<<: *bunkerweb-env
|
||||
DOCKER_HOST: "tcp://docker-proxy:2375"
|
||||
DOCKER_HOST: "tcp://bw-docker-proxy:2375"
|
||||
volumes:
|
||||
- bw-data:/data
|
||||
networks:
|
||||
- bw-universe
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
docker-proxy:
|
||||
bw-docker-proxy:
|
||||
image: tecnativa/docker-socket-proxy:0.1
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock:ro
|
||||
environment:
|
||||
- CONTAINERS=1
|
||||
networks:
|
||||
- net-docker
|
||||
- bw-docker
|
||||
|
||||
myjoomla:
|
||||
image: joomla:4-apache
|
||||
volumes:
|
||||
- ./joomla-files:/var/www/html
|
||||
- joomla-data:/var/www/html
|
||||
environment:
|
||||
- JOOMLA_DB_HOST=mydb
|
||||
- JOOMLA_DB_NAME=${JOOMLA_DATABASE:-joomladb}
|
||||
|
@ -74,18 +61,19 @@ services:
|
|||
- bw-services
|
||||
|
||||
mydb:
|
||||
image: mariadb:10.10
|
||||
image: mariadb
|
||||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
|
||||
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${JOOMLA_USER:-user}\"; CREATE USER \"${JOOMLA_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${JOOMLA_DATABASE:-joomladb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${JOOMLA_DATABASE:-joomladb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
networks:
|
||||
- bw-universe
|
||||
- bw-services
|
||||
|
||||
volumes:
|
||||
bw-data:
|
||||
joomla-data:
|
||||
db-data:
|
||||
|
||||
networks:
|
||||
|
@ -95,4 +83,4 @@ networks:
|
|||
config:
|
||||
- subnet: 10.20.30.0/24
|
||||
bw-services:
|
||||
net-docker:
|
||||
bw-docker:
|
||||
|
|
|
@ -6,7 +6,7 @@ services:
|
|||
networks:
|
||||
- bw-services
|
||||
volumes:
|
||||
- joomla_files:/var/www/html
|
||||
- joomla-files:/var/www/html
|
||||
environment:
|
||||
- JOOMLA_DB_HOST=mydb
|
||||
- JOOMLA_DB_NAME=joomla_db
|
||||
|
@ -26,7 +26,22 @@ services:
|
|||
- bunkerweb.LIMIT_REQ_URL_2=/installation/index.php
|
||||
- bunkerweb.LIMIT_REQ_RATE_2=8r/s
|
||||
|
||||
# For the database, you can refer to the swarm integration example including a database
|
||||
mydb:
|
||||
image: mariadb
|
||||
networks:
|
||||
- bw-services
|
||||
volumes:
|
||||
- db-data:/var/lib/mysql
|
||||
environment:
|
||||
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||
- MYSQL_DATABASE=joomla_db
|
||||
- MYSQL_USER=user
|
||||
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.role==worker"
|
||||
|
||||
|
||||
networks:
|
||||
bw-services:
|
||||
|
@ -34,5 +49,5 @@ networks:
|
|||
name: bw-services
|
||||
|
||||
volumes:
|
||||
joomla_files:
|
||||
db_data:
|
||||
joomla-files:
|
||||
db-data:
|
||||
|
|
|
@ -48,11 +48,10 @@ RUN apk add --no-cache pcre bash python3 && \
|
|||
cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \
|
||||
echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \
|
||||
mkdir -p /var/tmp/bunkerweb && \
|
||||
mkdir -p /var/www && \
|
||||
mkdir -p /var/www/html && \
|
||||
mkdir -p /etc/bunkerweb && \
|
||||
mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \
|
||||
mkdir -p /data/cache/letsencrypt && ln -s /data/cache/letsencrypt /etc/letsencrypt && \
|
||||
mkdir -p /data/www && ln -s /data/www /var/www/html && \
|
||||
for dir in $(echo "configs plugins") ; do mkdir -p "/data/${dir}" && ln -s "/data/${dir}" "/etc/bunkerweb/${dir}" ; done && \
|
||||
for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \
|
||||
chown -R root:nginx /data && \
|
||||
|
|
|
@ -22,9 +22,9 @@ class DockerTest(Test) :
|
|||
try :
|
||||
if not Test.init() :
|
||||
return False
|
||||
proc = run("sudo chown -R 101:101 /tmp/bw-data", shell=True)
|
||||
if proc.returncode != 0 :
|
||||
raise(Exception("chown failed (autoconf stack)"))
|
||||
# proc = run("sudo chown -R 101:101 /tmp/bw-data", shell=True)
|
||||
# if proc.returncode != 0 :
|
||||
# raise(Exception("chown failed (autoconf stack)"))
|
||||
except :
|
||||
log("DOCKER", "❌", "exception while running DockerTest.init()\n" + format_exc())
|
||||
return False
|
||||
|
|
|
@ -4,9 +4,9 @@
|
|||
cd ./tests/ui
|
||||
|
||||
# Prepare environment
|
||||
sed -i "s@bunkerity/bunkerweb:.*@local/bunkerweb-tests:$MODE@" docker-compose.yml
|
||||
sed -i "s@bunkerity/bunkerweb-scheduler:.*@local/scheduler-tests:$MODE@" docker-compose.yml
|
||||
sed -i "s@bunkerity/bunkerweb-ui:.*@local/scheduler-tests:$MODE@" docker-compose.yml
|
||||
sed -i "s@bunkerity/bunkerweb:.*@bunkerweb-tests@" docker-compose.yml
|
||||
sed -i "s@bunkerity/bunkerweb-scheduler:.*@scheduler-tests@" docker-compose.yml
|
||||
sed -i "s@bunkerity/bunkerweb-ui:.*@scheduler-tests@" docker-compose.yml
|
||||
|
||||
# Start stack
|
||||
docker-compose pull docker-proxy app1
|
||||
|
|
Loading…
Reference in New Issue