librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

init work on examples refactoring

This commit is contained in:
bunkerity 2023-03-08 17:01:55 +01:00
parent 0210ddd886
commit 966f57ceaa
41 changed files with 285 additions and 349 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
.github/workflows/staging-tests-ui.yml vendored
View File

@ -25,9 +25,11 @@ jobs:
username: registry
password: ${{ secrets.PRIVATE_REGISTRY_TOKEN }}
- name: Pull BW image
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging local/bunkerweb-tests:latest
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/bunkerweb-tests:staging bunkerweb-tests
- name: Pull Scheduler image
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging local/scheduler-tests:latest
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/scheduler-tests:staging scheduler-tests
- name: Pull UI image
run: docker pull ${{ secrets.PRIVATE_REGISTRY }}/infra/ui-tests:staging && docker tag ${{ secrets.PRIVATE_REGISTRY }}/infra/ui-tests:staging ui-tests
# Do tests
- name: Run tests
run: ./tests/ui/tests.sh

25
examples/authelia/docker-compose.yml
View File

@ -11,14 +11,6 @@ services:
networks:
- bw-universe
- bw-services
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- MULTISITE=yes
- SERVER_NAME=auth.example.com app1.example.com app2.example.com # replace with your domains
@ -55,10 +47,22 @@ services:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://bw-docker-proxy:2375
networks:
- bw-universe
- bw-docker
volumes:
- bw-data:/data
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- bw-docker
# APPLICATIONS
app1:
@ -75,7 +79,7 @@ services:
image: authelia/authelia:4
container_name: authelia
networks:
- bw-universe
- bw-services
volumes:
- ./authelia:/config
restart: unless-stopped
@ -88,7 +92,7 @@ services:
image: redis:7-alpine
container_name: redis
networks:
- bw-universe
- bw-services
volumes:
- ./redis:/data
expose:
@ -108,3 +112,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
bw-docker:

11
examples/authelia/swarm.yml
View File

@ -48,7 +48,7 @@ services:
authelia:
image: authelia/authelia:4
networks:
- bw-universe
- bw-services
configs:
- source: config_authelia_configuration
target: /config/configuration.yml
@ -78,7 +78,7 @@ services:
redis:
image: redis:7-alpine
networks:
- bw-universe
- bw-services
volumes:
- redis:/data
environment:
@ -89,13 +89,6 @@ services:
- "node.role==worker"
networks:
bw-universe:
external:
name: bw-universe
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
external:
name: bw-services

28
examples/authentik/docker-compose.yml
View File

@ -2,10 +2,7 @@ version: "3.4"
services:
mybunker:
# image: bunkerity/bunkerweb:1.5.0
build:
context: ../..
dockerfile: src/bw/Dockerfile
image: bunkerity/bunkerweb:1.5.0
ports:
- 80:8080
- 443:8443
@ -14,12 +11,6 @@ services:
networks:
- bw-universe
- bw-services
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
environment:
- MULTISITE=yes
- SERVER_NAME=auth.example.com app1.example.com app2.example.com # replace with your domains
@ -62,17 +53,25 @@ services:
- app2.example.com_REVERSE_PROXY_HEADERS=X-authentik-username $$authentik_username;X-authentik-groups $$authentik_groups;X-authentik-email $$authentik_email;X-authentik-name $$authentik_name;X-authentik-uid $$authentik_uid
bw-scheduler:
# image: bunkerity/bunkerweb-scheduler:1.5.0
build:
context: ../..
dockerfile: src/scheduler/Dockerfile
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://bw-docker-proxy:2375
networks:
- bw-universe
- bw-docker
volumes:
- bw-data:/data
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- bw-docker
# APPLICATIONS
app1:
@ -191,3 +190,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
bw-docker:

14
examples/autoconf-php/autoconf.yml
View File

@ -12,7 +12,7 @@ services:
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
labels:
- "bunkerweb.SERVER_NAME=app1.example.com" # replace with your domain
- "bunkerweb.REMOTE_PHP=myapp1"
@ -24,12 +24,12 @@ services:
bw-services:
aliases:
- myapp2
# ⚠️ UID and GID of mywww (101:101) and php:fpm (33:33) are not the same ⚠️
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
labels:
- "bunkerweb.SERVER_NAME=app2.example.com" # replace with your domain
- "bunkerweb.REMOTE_PHP=myapp2"
@ -41,12 +41,12 @@ services:
bw-services:
aliases:
- myapp3
# ⚠️ UID and GID of mywww (101:101) and php:fpm (33:33) are not the same ⚠️
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 33:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
labels:
- "bunkerweb.SERVER_NAME=app3.example.com" # replace with your domain
- "bunkerweb.REMOTE_PHP=myapp3"

9
examples/autoconf-php/setup-autoconf.sh
View File

@ -5,9 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
exit 1
fi
chown -R 101:101 bw-data
find ./bw-data/ -type f -exec chmod 0640 {} \;
find ./bw-data/ -type d -exec chmod 0750 {} \;
chown -R 101:33 ./bw-data/www
find ./bw-data/www -type f -exec chmod 0660 {} \;
find ./bw-data/www -type d -exec chmod 0770 {} \;
chown -R 101:33 ./www
find ./www -type f -exec chmod 0660 {} \;
find ./www -type d -exec chmod 0770 {} \;

0
examples/autoconf-php/bw-data/www/app1.example.com/index.php → examples/autoconf-php/www/app1.example.com/index.php
View File

0
examples/autoconf-php/bw-data/www/app1.example.com/js/script.js → examples/autoconf-php/www/app1.example.com/js/script.js
View File

0
examples/autoconf-php/bw-data/www/app2.example.com/index.php → examples/autoconf-php/www/app2.example.com/index.php
View File

0
examples/autoconf-php/bw-data/www/app2.example.com/js/script.js → examples/autoconf-php/www/app2.example.com/js/script.js
View File

0
examples/autoconf-php/bw-data/www/app3.example.com/index.php → examples/autoconf-php/www/app3.example.com/index.php
View File

0
examples/autoconf-php/bw-data/www/app3.example.com/js/script.js → examples/autoconf-php/www/app3.example.com/js/script.js
View File

18
examples/behind-reverse-proxy/docker-compose.yml
View File

@ -3,14 +3,6 @@ version: "3"
services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domains
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -37,21 +29,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myproxy:
image: haproxy:2.7.0
@ -82,4 +74,4 @@ networks:
config:
- subnet: 10.10.10.0/24
bw-services:
net-docker:
bw-docker:

31
examples/bigbluebutton/docker-compose.yml
View File

@ -31,52 +31,44 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=${DOMAIN}
- API_WHITELIST_IP=127.0.0.0/8 10.7.7.0/24
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
- AUTO_LETS_ENCRYPT=yes
- USE_CLIENT_CACHE=yes
- USE_GZIP=yes
- USE_REVERSE_PROXY=yes
- REVERSE_PROXY_WS=yes
- REVERSE_PROXY_URL=/
- REVERSE_PROXY_HOST=http://10.7.7.253:48087
- REVERSE_PROXY_HOST=http://10.7.7.253:8080
labels:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
# You have to put this IP address in your docker-compose.yml file
networks:
bbb-net:
ipv4_address: 10.7.7.254
bw-universe:
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
bbb-net:
ipv4_address: 10.7.7.42
net-docker:
bw-universe:
bw-docker:
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
...
@ -86,4 +78,9 @@ volumes:
networks:
...
net-docker:
bw-universe:
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-docker:

32
examples/certbot-dns-cloudflare/docker-compose.yml
View File

@ -6,14 +6,8 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
- certs:/certs
environment:
- MULTISITE=yes
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
@ -36,31 +30,29 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
- certs:/certs
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mycertbot:
image: certbot/dns-cloudflare:v2.0.0
@ -76,17 +68,17 @@ services:
app1:
image: tutum/hello-world
networks:
- net_app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net_app2
- bw-services
app3:
image: tutum/hello-world
networks:
- net_app3
- bw-services
volumes:
bw-data:
@ -98,7 +90,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

32
examples/certbot-dns-digitalocean/docker-compose.yml
View File

@ -6,14 +6,8 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
- certs:/certs
environment:
- MULTISITE=yes
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
@ -36,31 +30,29 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
- certs:/certs
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mycertbot:
image: certbot/dns-digitalocean:v2.0.0
@ -76,17 +68,17 @@ services:
app1:
image: tutum/hello-world
networks:
- net_app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net_app2
- bw-services
app3:
image: tutum/hello-world
networks:
- net_app3
- bw-services
volumes:
bw-data:
@ -98,7 +90,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

32
examples/certbot-dns-google/docker-compose.yml
View File

@ -6,14 +6,8 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
- certs:/certs
environment:
- MULTISITE=yes
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
@ -36,31 +30,29 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
- certs:/certs
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mycertbot:
image: certbot/dns-google:v2.0.0
@ -76,17 +68,17 @@ services:
app1:
image: tutum/hello-world
networks:
- net_app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net_app2
- bw-services
app3:
image: tutum/hello-world
networks:
- net_app3
- bw-services
volumes:
bw-data:
@ -98,7 +90,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

32
examples/certbot-dns-ovh/docker-compose.yml
View File

@ -6,14 +6,7 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
- certs:/certs
environment:
- MULTISITE=yes
@ -37,30 +30,29 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
- certs:/certs
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mycertbot:
image: certbot/dns-ovh:v2.0.0
@ -76,17 +68,17 @@ services:
app1:
image: tutum/hello-world
networks:
- net_app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net_app2
- bw-services
app3:
image: tutum/hello-world
networks:
- net_app3
- bw-services
volumes:
bw-data:
@ -98,7 +90,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

32
examples/certbot-dns-route53/docker-compose.yml
View File

@ -6,14 +6,7 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
- certs:/certs
environment:
- MULTISITE=yes
@ -37,30 +30,29 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bbw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
- certs:/certs
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mycertbot:
image: certbot/dns-google:v2.0.0
@ -76,17 +68,17 @@ services:
app1:
image: tutum/hello-world
networks:
- net_app1
- bw-services
app2:
image: tutum/hello-world
networks:
- net_app2
- bw-services
app3:
image: tutum/hello-world
networks:
- net_app3
- bw-services
volumes:
bw-data:
@ -98,7 +90,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

24
examples/cors/autoconf.yml
View File

@ -2,17 +2,17 @@ version: "3"
services:
myapp1:
image: php:fpm-alpine3.17
image: php:fpm
networks:
bw-services:
aliases:
- myapp1
# ⚠️ UID and GID of mywww (101:101) and php:fpm (82:82) are not the same ⚠️
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
labels:
- bunkerweb.SERVER_NAME=app1.example.com
- bunkerweb.USE_CORS=yes
@ -21,34 +21,34 @@ services:
- bunkerweb.REMOTE_PHP_PATH=/app
myapp2:
image: php:fpm-alpine3.17
image: php:fpm-alpine
networks:
bw-services:
aliases:
- myapp2
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm (82:82) are not the same ⚠️
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
labels:
- bunkerweb.SERVER_NAME=app2.example.com
- bunkerweb.REMOTE_PHP=myapp2
- bunkerweb.REMOTE_PHP_PATH=/app
myapp3:
image: php:fpm-alpine3.17
image: php:fpm-alpine
networks:
bw-services:
aliases:
- myapp3
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm (82:82) are not the same ⚠️
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
labels:
- bunkerweb.SERVER_NAME=app3.example.com
- bunkerweb.REMOTE_PHP=myapp3

52
examples/cors/docker-compose.yml
View File

@ -13,7 +13,7 @@ services:
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- ./bw-data:/data # contains web files (PHP, assets, ...), don't forget to rename the subfolders
- ./www:/var/www/html
environment:
- SERVER_NAME=app1.example.com app2.example.com app3.example.com # replace with your domains
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -35,63 +35,61 @@ services:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:
- bw-universe
- net_app1
- net_app2
- net_app3
- bw-services
bw-scheduler:
image: bunkerity/bunkerweb-scheduler:1.5.0
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- ./bw-data:/data
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myapp1:
image: php:fpm-alpine3.17
# ⚠️ UID and GID of mywww (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
image: php:fpm
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
- ./www/app1.example.com:/app # folder containing PHP app1 (don't forget to rename it)
networks:
- net_app1
- bw-services
myapp2:
image: php:fpm-alpine3.17
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
image: php:fpm
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
- ./www/app2.example.com:/app # folder containing PHP app2 (don't forget to rename it)
networks:
- net_app2
- bw-services
myapp3:
image: php:fpm-alpine3.17
# ⚠️ UID and GID of bunkerweb (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
image: php:fpm
# ⚠️ UID and GID of BunkerWeb (101:101) and php:fpm (33:33) are not the same ⚠️
# but both needs access to the files and folders of web-files
# don't forget to edit the permissions of the files and folders accordingly
# example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
# example : chown -R 33:101 ./www && find ./www -type f -exec chmod 0640 {} \; && find ./www -type d -exec chmod 0750 {} \;
volumes:
- ./bw-data/www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
- ./www/app3.example.com:/app # folder containing PHP app3 (don't forget to rename it)
networks:
- net_app3
- bw-services
networks:
bw-universe:
@ -99,7 +97,5 @@ networks:
driver: default
config:
- subnet: 10.20.30.0/24
net-docker:
net_app1:
net_app2:
net_app3:
bw-docker:
bw-services:

8
examples/cors/setup-autoconf.sh
View File

@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
exit 1
fi
chown -R root:101 bw-data
chmod -R 770 bw-data
chown -R 82:101 ./bw-data/www
find ./bw-data/www -type f -exec chmod 0640 {} \;
find ./bw-data/www -type d -exec chmod 0750 {} \;
chown -R 33:101 ./www
find ./www -type f -exec chmod 0640 {} \;
find ./www -type d -exec chmod 0750 {} \;

8
examples/cors/setup-docker.sh
View File

@ -5,8 +5,6 @@ if [ $(id -u) -ne 0 ] ; then
exit 1
fi
chown -R root:101 bw-data
chmod -R 770 bw-data
chown -R 82:101 ./bw-data/www
find ./bw-data/www -type f -exec chmod 0640 {} \;
find ./bw-data/www -type d -exec chmod 0750 {} \;
chown -R 33:101 ./www
find ./www -type f -exec chmod 0640 {} \;
find ./www -type d -exec chmod 0750 {} \;

2
examples/cors/setup-linux.sh
View File

@ -13,7 +13,7 @@ else
echo "❌ No PHP user found"
exit 1
fi
cp -r ./bw-data/www/* /var/www/html
cp -r ./www/* /var/www/html
chown -R $user:nginx /var/www/html
find /var/www/html -type f -exec chmod 0640 {} \;
find /var/www/html -type d -exec chmod 0750 {} \;

0
examples/cors/bw-data/www/app1.example.com/index.php → examples/cors/www/app1.example.com/index.php
View File

0
examples/cors/bw-data/www/app2.example.com/index.php → examples/cors/www/app2.example.com/index.php
View File

0
examples/cors/bw-data/www/app3.example.com/index.php → examples/cors/www/app3.example.com/index.php
View File

18
examples/docker-configs/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# or for an existing one : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- MULTISITE=yes
- SERVER_NAME=app1.example.com app2.example.com # replace with your domains
@ -65,21 +57,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myapp1:
image: tutum/hello-world
@ -101,4 +93,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

17
examples/drupal/autoconf.yml
View File

@ -23,7 +23,22 @@ services:
- |
CUSTOM_CONF_MODSEC_CRS_drupal=SecAction "id:900130,phase:1,nolog,pass,t:none,setvar:tx.crs_exclusions_drupal=1"
# For the database, you can refer to the example of the autoconf including a database
mydb:
image: mariadb:10.10
networks:
bw-services:
aliases:
- mydb
volumes:
- db-data:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=drupaldb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
volumes:
db-data:
networks:
bw-services:

30
examples/drupal/docker-compose.yml
View File

@ -1,24 +1,12 @@
version: "3"
x-bunkerweb-env: &bunkerweb-env
DATABASE_URI: "mariadb+pymysql://${DRUPAL_USER:-user}:${DRUPAL_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
<<: *bunkerweb-env
SERVER_NAME: "www.example.com" # replace with your domain
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
SERVE_FILES: "no"
@ -44,22 +32,21 @@ services:
depends_on:
- mybunker
environment:
<<: *bunkerweb-env
DOCKER_HOST: "tcp://docker-proxy:2375"
DOCKER_HOST: "tcp://bw-docker-proxy:2375"
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mydrupal:
image: drupal:9.4-apache
@ -76,10 +63,11 @@ services:
volumes:
- db-data:/var/lib/mysql
environment:
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${DRUPAL_USER:-user}\"; CREATE USER \"${DRUPAL_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${DRUPAL_DATABASE:-drupaldb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${DRUPAL_DATABASE:-drupaldb}.* TO \"${DRUPAL_USER:-user}\"@\"%\" IDENTIFIED BY \"${DRUPAL_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${DRUPAL_USER:-user}\"@\"%\" IDENTIFIED BY \"${DRUPAL_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=drupaldb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
networks:
- bw-universe
- bw-services
volumes:
@ -93,4 +81,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

16
examples/drupal/swarm.yml
View File

@ -23,7 +23,21 @@ services:
- bunkerweb.LIMIT_REQ_URL_1=/core/install.php
- bunkerweb.LIMIT_REQ_RATE_1=5r/s
# For the database, you can refer to the swarm example including a database
mydb:
image: mariadb:10.10
networks:
- bw-services
volumes:
- db-data:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=drupaldb
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password
deploy:
placement:
constraints:
- "node.role==worker"
networks:
bw-services:

5
examples/ghost/autoconf.yml
View File

@ -4,7 +4,7 @@ services:
myghost:
image: ghost:5.25-alpine
volumes:
- ./ghost_data:/var/lib/ghost/content
- ghost-data:/var/lib/ghost/content
networks:
bw-services:
aliases:
@ -18,6 +18,9 @@ services:
- bunkerweb.REVERSE_PROXY_URL=/
- bunkerweb.REVERSE_PROXY_HOST=http://myghost:2368
volumes:
ghost-data:
networks:
bw-services:
external:

21
examples/ghost/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -36,26 +28,26 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myghost:
image: ghost:5.25-alpine
volumes:
- ./ghost-data:/var/lib/ghost/content
- ghost-data:/var/lib/ghost/content
environment:
- url=https://www.example.com # replace with your domain
- NODE_ENV=development
@ -64,6 +56,7 @@ services:
volumes:
bw-data:
ghost-data:
networks:
bw-universe:
@ -72,4 +65,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

18
examples/gogs/docker-compose.yml
View File

@ -6,14 +6,6 @@ services:
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -40,21 +32,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
mygogs:
image: gogs/gogs:0.12
@ -73,4 +65,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

19
examples/hardened/docker-compose.yml
View File

@ -15,18 +15,11 @@ services:
tmpfs:
- /tmp:mode=0770,uid=0,gid=101
- /var/tmp/bunkerweb:mode=0770,uid=0,gid=101
- /var/cache/bunkerweb:mode=0770,uid=0,gid=101
- /etc/nginx:mode=0770,uid=0,gid=101
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
- SERVER_NAME=www.example.com # replace with your domain
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
@ -49,21 +42,21 @@ services:
depends_on:
- mybunker
environment:
- DOCKER_HOST=tcp://docker-proxy:2375
- DOCKER_HOST=tcp://bw-docker-proxy:2375
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myapp:
image: tutum/hello-world
@ -80,4 +73,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

20
examples/joomla/autoconf.yml
View File

@ -8,7 +8,7 @@ services:
aliases:
- myjoomla
volumes:
- ./joomla-files:/var/www/html
- joomla-data:/var/www/html
environment:
- JOOMLA_DB_HOST=mydb
- JOOMLA_DB_NAME=joomla_db
@ -24,7 +24,23 @@ services:
- bunkerweb.LIMIT_REQ_URL_2=/installation/index.php
- bunkerweb.LIMIT_REQ_RATE_2=8r/s
# For the database, you can refer to the autoconf integration example including a database
mydb:
image: mariadb
volumes:
- db-data:/var/lib/mysql
networks:
bw-services:
aliases:
- mydb
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=joomla_db
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
volumes:
joomla-data:
db-data:
networks:
bw-services:

36
examples/joomla/docker-compose.yml
View File

@ -1,24 +1,12 @@
version: "3"
x-bunkerweb-env: &bunkerweb-env
DATABASE_URI: "mariadb+pymysql://${JOOMLA_USER:-user}:${JOOMLA_PASSWORD:-secret}@mydb:3306/${BUNKERWEB_DATABASE:-bunkerweb}"
services:
mybunker:
image: bunkerity/bunkerweb:1.5.0
ports:
- 80:8080
- 443:8443
# ⚠️ read this if you use local folders for volumes ⚠️
# bunkerweb runs as an unprivileged user with UID/GID 101
# don't forget to edit the permissions of the files and folders accordingly
# example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
# another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
# more info at https://docs.bunkerweb.io
volumes:
- bw-data:/data
environment:
<<: *bunkerweb-env
SERVER_NAME: "www.example.com" # replace with your domain
API_WHITELIST_IP: "127.0.0.0/8 10.20.30.0/24"
AUTO_LETS_ENCRYPT: "yes"
@ -44,27 +32,26 @@ services:
depends_on:
- mybunker
environment:
<<: *bunkerweb-env
DOCKER_HOST: "tcp://docker-proxy:2375"
DOCKER_HOST: "tcp://bw-docker-proxy:2375"
volumes:
- bw-data:/data
networks:
- bw-universe
- net-docker
- bw-docker
docker-proxy:
bw-docker-proxy:
image: tecnativa/docker-socket-proxy:0.1
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
environment:
- CONTAINERS=1
networks:
- net-docker
- bw-docker
myjoomla:
image: joomla:4-apache
volumes:
- ./joomla-files:/var/www/html
- joomla-data:/var/www/html
environment:
- JOOMLA_DB_HOST=mydb
- JOOMLA_DB_NAME=${JOOMLA_DATABASE:-joomladb}
@ -74,18 +61,19 @@ services:
- bw-services
mydb:
image: mariadb:10.10
image: mariadb
volumes:
- db-data:/var/lib/mysql
environment:
MARIADB_RANDOM_ROOT_PASSWORD: "yes"
entrypoint: sh -c "echo 'DROP USER IF EXISTS \"${JOOMLA_USER:-user}\"; CREATE USER \"${JOOMLA_USER:-user}\"@\"%\"; CREATE DATABASE IF NOT EXISTS ${JOOMLA_DATABASE:-joomladb}; CREATE DATABASE IF NOT EXISTS ${BUNKERWEB_DATABASE:-bunkerweb}; GRANT ALL PRIVILEGES ON ${JOOMLA_DATABASE:-joomladb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; GRANT ALL PRIVILEGES ON ${BUNKERWEB_DATABASE:-bunkerweb}.* TO \"${JOOMLA_USER:-user}\"@\"%\" IDENTIFIED BY \"${JOOMLA_PASSWORD:-secret}\"; FLUSH PRIVILEGES;' > /docker-entrypoint-initdb.d/init.sql; /usr/local/bin/docker-entrypoint.sh --character-set-server=utf8mb4 --collation-server=utf8mb4_unicode_ci"
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=joomla_db
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
networks:
- bw-universe
- bw-services
volumes:
bw-data:
joomla-data:
db-data:
networks:
@ -95,4 +83,4 @@ networks:
config:
- subnet: 10.20.30.0/24
bw-services:
net-docker:
bw-docker:

23
examples/joomla/swarm.yml
View File

@ -6,7 +6,7 @@ services:
networks:
- bw-services
volumes:
- joomla_files:/var/www/html
- joomla-files:/var/www/html
environment:
- JOOMLA_DB_HOST=mydb
- JOOMLA_DB_NAME=joomla_db
@ -26,7 +26,22 @@ services:
- bunkerweb.LIMIT_REQ_URL_2=/installation/index.php
- bunkerweb.LIMIT_REQ_RATE_2=8r/s
# For the database, you can refer to the swarm integration example including a database
mydb:
image: mariadb
networks:
- bw-services
volumes:
- db-data:/var/lib/mysql
environment:
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
- MYSQL_DATABASE=joomla_db
- MYSQL_USER=user
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match JOOMLA_DB_PASSWORD)
deploy:
placement:
constraints:
- "node.role==worker"
networks:
bw-services:
@ -34,5 +49,5 @@ networks:
name: bw-services
volumes:
joomla_files:
db_data:
joomla-files:
db-data:

3
src/bw/Dockerfile
View File

@ -48,11 +48,10 @@ RUN apk add --no-cache pcre bash python3 && \
cp /usr/share/bunkerweb/helpers/bwcli /usr/bin/ && \
echo "Docker" > /usr/share/bunkerweb/INTEGRATION && \
mkdir -p /var/tmp/bunkerweb && \
mkdir -p /var/www && \
mkdir -p /var/www/html && \
mkdir -p /etc/bunkerweb && \
mkdir -p /data/cache && ln -s /data/cache /var/cache/bunkerweb && \
mkdir -p /data/cache/letsencrypt && ln -s /data/cache/letsencrypt /etc/letsencrypt && \
mkdir -p /data/www && ln -s /data/www /var/www/html && \
for dir in $(echo "configs plugins") ; do mkdir -p "/data/${dir}" && ln -s "/data/${dir}" "/etc/bunkerweb/${dir}" ; done && \
for dir in $(echo "configs/http configs/stream configs/server-http configs/server-stream configs/default-server-http configs/default-server-stream configs/modsec configs/modsec-crs") ; do mkdir "/data/${dir}" ; done && \
chown -R root:nginx /data && \

6
tests/DockerTest.py
View File

@ -22,9 +22,9 @@ class DockerTest(Test) :
try :
if not Test.init() :
return False
proc = run("sudo chown -R 101:101 /tmp/bw-data", shell=True)
if proc.returncode != 0 :
raise(Exception("chown failed (autoconf stack)"))
# proc = run("sudo chown -R 101:101 /tmp/bw-data", shell=True)
# if proc.returncode != 0 :
# raise(Exception("chown failed (autoconf stack)"))
except :
log("DOCKER", "", "exception while running DockerTest.init()\n" + format_exc())
return False

6
tests/ui/tests.sh
View File

@ -4,9 +4,9 @@
cd ./tests/ui
# Prepare environment
sed -i "s@bunkerity/bunkerweb:.*@local/bunkerweb-tests:$MODE@" docker-compose.yml
sed -i "s@bunkerity/bunkerweb-scheduler:.*@local/scheduler-tests:$MODE@" docker-compose.yml
sed -i "s@bunkerity/bunkerweb-ui:.*@local/scheduler-tests:$MODE@" docker-compose.yml
sed -i "s@bunkerity/bunkerweb:.*@bunkerweb-tests@" docker-compose.yml
sed -i "s@bunkerity/bunkerweb-scheduler:.*@scheduler-tests@" docker-compose.yml
sed -i "s@bunkerity/bunkerweb-ui:.*@scheduler-tests@" docker-compose.yml
# Start stack
docker-compose pull docker-proxy app1