Add new php-cookie-flags example

2022-12-14 11:02:05 +01:00 · 2022-12-14 11:02:05 +01:00 · c6498eda7e
parent f97e056ff2
commit c6498eda7e
6 changed files with 150 additions and 0 deletions
--- a/examples/php-cookie-flags/bw-data/www/index.php
+++ b/examples/php-cookie-flags/bw-data/www/index.php
@ -0,0 +1,20 @@
+<?php
+$cookie_name = "my_cookie";
+$cookie_value = "Test";
+setcookie($cookie_name, $cookie_value, time() + (86400 * 30), "/"); // 86400 = 1 day
+setcookie("another_cookie", "default", time() + (86400 * 30), "/"); // 86400 = 1 day
+?>
+<html>
+<body>
+
+<?php
+if(!isset($_COOKIE[$cookie_name])) {
+  echo "Cookie named '" . $cookie_name . "' is not set!";
+} else {
+  echo "Cookie '" . $cookie_name . "' is set!<br>";
+  echo "Value is: " . $_COOKIE[$cookie_name];
+}
+?>
+
+</body>
+</html>
--- a/examples/php-cookie-flags/docker-compose.yml
+++ b/examples/php-cookie-flags/docker-compose.yml
@ -0,0 +1,72 @@
+version: "3"
+
+services:
+  mybunker:
+    image: bunkerity/bunkerweb:1.5.0
+    ports:
+      - 80:8080
+      - 443:8443
+    # ⚠️ read this if you use local folders for volumes ⚠️
+    # bunkerweb runs as an unprivileged user with UID/GID 101
+    # don't forget to edit the permissions of the files and folders accordingly
+    # example if you need to create a directory : mkdir folder && chown root:101 folder && chmod 770 folder
+    # another example for existing folder : chown -R root:101 folder && chmod -R 770 folder
+    # more info at https://docs.bunkerweb.io
+    volumes:
+      - ./bw-data:/data # contains web files (PHP, assets, ...)
+    environment:
+      - SERVER_NAME=www.example.com # replace with your domain
+      - API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
+      - AUTO_LETS_ENCRYPT=yes
+      - DISABLE_DEFAULT_SERVER=yes
+      - USE_CLIENT_CACHE=yes
+      - USE_GZIP=yes
+      - COOKIE_FLAGS_1=my_cookie HttpOnly
+      - REMOTE_PHP=myphp
+      - REMOTE_PHP_PATH=/app
+    labels:
+      - "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
+    networks:
+      - bw-universe
+      - bw-services
+
+  bw-scheduler:
+    image: bunkerity/bunkerweb-scheduler:1.5.0
+    depends_on:
+      - mybunker
+    environment:
+      - DOCKER_HOST=tcp://docker-proxy:2375
+    volumes:
+      - ./bw-data:/data
+    networks:
+      - bw-universe
+      - net-docker
+
+  docker-proxy:
+    image: tecnativa/docker-socket-proxy:0.1
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    environment:
+      - CONTAINERS=1
+    networks:
+      - net-docker
+
+  myphp:
+    image: php:fpm-alpine3.17
+    # ⚠️ UID and GID of bunkerweb (101:101) and php:fpm-alpine3.17 (82:82) are not the same ⚠️
+    # but both needs access to the files and folders of web-files
+    # don't forget to edit the permissions of the files and folders accordingly
+    # example : chown -R 82:101 ./bw-data/www && find ./bw-data/www -type f -exec chmod 0640 {} \; && find ./bw-data/www -type d -exec chmod 0750 {} \;
+    volumes:
+      - ./bw-data/www:/app # folder containing PHP app
+    networks:
+      - bw-services
+
+networks:
+  bw-universe:
+    ipam:
+      driver: default
+      config:
+        - subnet: 10.20.30.0/24
+  bw-services:
+  net-docker:
--- a/examples/php-cookie-flags/setup-docker.sh
+++ b/examples/php-cookie-flags/setup-docker.sh
@ -0,0 +1,12 @@
+#!/bin/bash
+
+if [ $(id -u) -ne 0 ] ; then
+	echo "❌ Run me as root"
+	exit 1
+fi
+
+chown -R root:101 bw-data
+chmod -R 770 bw-data
+chown -R 82:101 ./bw-data/www
+find ./bw-data/www -type f -exec chmod 0640 {} \;
+find ./bw-data/www -type d -exec chmod 0750 {} \;
--- a/examples/php-cookie-flags/setup-linux.sh
+++ b/examples/php-cookie-flags/setup-linux.sh
@ -0,0 +1,22 @@
+#!/bin/bash
+
+if [ $(id -u) -ne 0 ] ; then
+	echo "❌ Run me as root"
+	exit 1
+fi
+
+if id www-data > /dev/null 2>&1 ; then
+	user="www-data"
+elif id apache > /dev/null 2>&1 ; then
+	user="apache"
+else
+	echo "❌ No PHP user found"
+	exit 1
+fi
+
+chown -R root:101 bw-data
+chmod -R 770 bw-data
+cp -r ./bw-data/www/* /var/www/html
+chown -R $user:nginx /var/www/html
+find /var/www/html -type f -exec chmod 0640 {} \;
+find /var/www/html -type d -exec chmod 0750 {} \;
--- a/examples/php-cookie-flags/tests.json
+++ b/examples/php-cookie-flags/tests.json
@ -0,0 +1,12 @@
+{
+  "name": "php-cookie",
+  "kinds": ["docker"],
+  "timeout": 60,
+  "tests": [
+    {
+      "type": "string",
+      "url": "https://www.example.com",
+      "string": "Cookie 'my_cookie' is set!"
+    }
+  ]
+}
--- a/examples/php-cookie-flags/variables.env
+++ b/examples/php-cookie-flags/variables.env
@ -0,0 +1,12 @@
+HTTP_PORT=80
+HTTPS_PORT=443
+DNS_RESOLVERS=8.8.8.8 8.8.4.4
+# Replace with your domain
+SERVER_NAME=www.example.com
+DISABLE_DEFAULT_SERVER=yes
+AUTO_LETS_ENCRYPT=yes
+USE_CLIENT_CACHE=yes
+USE_GZIP=yes
+COOKIE_FLAGS_1=my_cookie HttpOnly
+LOCAL_PHP=/run/php/php-fpm.sock
+LOCAL_PHP_PATH=/var/www/html