librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

Merge pull request #349 from TheophileDiot/1.5 

Move UI deps, Make the DB compatible with PostgreSQL, MySQL and Oracle
This commit is contained in:
Théophile Diot 2022-11-14 11:00:25 +01:00 committed by GitHub
parent 035eed8f6c 32101c3dc7
commit c8fbcbeaea
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
16 changed files with 412 additions and 113 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/autoconf/Dockerfile
View File

@ -9,10 +9,12 @@ RUN mkdir -p /usr/share/bunkerweb/deps && \
rm -rf /tmp/req
# Install dependencies
RUN pip install --no-cache-dir --upgrade pip && \
RUN apk add --no-cache --virtual .build-deps g++ gcc && \
pip install --no-cache-dir --upgrade pip && \
pip install wheel && \
mkdir -p /usr/share/bunkerweb/deps/python && \
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
apk del .build-deps
# Copy files
# can't exclude specific files/dir from . so we are copying everything by hand

22
src/common/core/blacklist/plugin.json
View File

@ -72,7 +72,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to block.",
"id": "blacklist-rdns-urls",
"id": "blacklist-asn-urls",
"label": "Blacklist ASN URLs",
"regex": "^.*$",
"type": "text"
@ -117,7 +117,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing IP/network to ignore in the blacklist.",
"id": "blacklist-ip-urls",
"id": "blacklist-ignore-ip-urls",
"label": "Blacklist IP/network URLs",
"regex": "^.*$",
"type": "text"
@ -126,7 +126,7 @@
"context": "multisite",
"default": "",
"help": "List of IP/network, separated with spaces, to ignore in the blacklist.",
"id": "blacklist-ip",
"id": "blacklist-ignore-ip",
"label": "Blacklist IP/network",
"regex": "^.*$",
"type": "text"
@ -135,7 +135,7 @@
"context": "multisite",
"default": "",
"help": "List of reverse DNS suffixes, separated with spaces, to ignore in the blacklist.",
"id": "blacklist-rdns",
"id": "blacklist-ignore-rdns",
"label": "Blacklist reverse DNS",
"regex": "^.*$",
"type": "text"
@ -144,7 +144,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing reverse DNS suffixes to ignore in the blacklist.",
"id": "blacklist-rdns-urls",
"id": "blacklist-ignore-rdns-urls",
"label": "Blacklist reverse DNS URLs",
"regex": "^.*$",
"type": "text"
@ -153,7 +153,7 @@
"context": "multisite",
"default": "",
"help": "List of ASN numbers, separated with spaces, to ignore in the blacklist.",
"id": "blacklist-asn",
"id": "blacklist-ignore-asn",
"label": "Blacklist ASN",
"regex": "^.*$",
"type": "text"
@ -162,7 +162,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to ignore in the blacklist.",
"id": "blacklist-rdns-urls",
"id": "blacklist-ignore-asn-urls",
"label": "Blacklist ASN URLs",
"regex": "^.*$",
"type": "text"
@ -171,7 +171,7 @@
"context": "multisite",
"default": "",
"help": "List of User-Agent, separated with spaces, to ignore in the blacklist.",
"id": "blacklist-user-agent",
"id": "blacklist-ignore-user-agent",
"label": "Blacklist User-Agent",
"regex": "^.*$",
"type": "text"
@ -180,7 +180,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing User-Agent to ignore in the blacklist.",
"id": "blacklist-user-agent-urls",
"id": "blacklist-ignore-user-agent-urls",
"label": "Blacklist User-Agent URLs",
"regex": "^.*$",
"type": "text"
@ -189,7 +189,7 @@
"context": "multisite",
"default": "",
"help": "List of URI, separated with spaces, to ignore in the blacklist.",
"id": "blacklist-uri",
"id": "blacklist-ignore-uri",
"label": "Blacklist URI",
"regex": "^.*$",
"type": "text"
@ -198,7 +198,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing URI to ignore in the blacklist.",
"id": "blacklist-uri-urls",
"id": "blacklist-ignore-uri-urls",
"label": "Blacklist URI URLs",
"regex": "^.*$",
"type": "text"

2
src/common/core/greylist/plugin.json
View File

@ -72,7 +72,7 @@
"context": "global",
"default": "",
"help": "List of URLs, separated with spaces, containing ASN to put into the greylist.",
"id": "greylist-rdns-urls",
"id": "greylist-asn-urls",
"label": "Greylist ASN URLs",
"regex": "^.*$",
"type": "text"

124
src/common/db/Database.py
View File

@ -3,24 +3,50 @@ from copy import deepcopy
from datetime import datetime
from hashlib import sha256
from logging import INFO, WARNING, Logger, getLogger
import oracledb
from os import _exit, getenv, listdir, path
from os.path import exists
from pymysql import install_as_MySQLdb
from re import search
from sys import path as sys_path
from sys import modules, path as sys_path
from typing import Any, Dict, List, Optional, Tuple
from sqlalchemy import create_engine, inspect
from sqlalchemy.exc import OperationalError, ProgrammingError, SQLAlchemyError
from sqlalchemy.exc import (
ArgumentError,
DatabaseError,
OperationalError,
ProgrammingError,
SQLAlchemyError,
)
from sqlalchemy.orm import scoped_session, sessionmaker
from time import sleep
from traceback import format_exc
from model import *
from model import (
Base,
Plugins,
Settings,
Global_values,
Services,
Services_settings,
Jobs,
Plugin_pages,
Jobs_cache,
Custom_configs,
Selects,
Metadata,
)
if "/usr/share/bunkerweb/utils" not in sys_path:
sys_path.append("/usr/share/bunkerweb/utils")
from jobs import file_hash
oracledb.version = "8.3.0"
modules["cx_Oracle"] = oracledb
install_as_MySQLdb()
class Database:
def __init__(self, logger: Logger, sqlalchemy_string: str = None) -> None:
@ -39,13 +65,24 @@ class Database:
if sqlalchemy_string.startswith("sqlite"):
if not path.exists(sqlalchemy_string.split("///")[1]):
open(sqlalchemy_string.split("///")[1], "w").close()
elif "+" in sqlalchemy_string and "+pymysql" not in sqlalchemy_string:
splitted = sqlalchemy_string.split("+")
sqlalchemy_string = f"{splitted[0]}:{':'.join(splitted[1].split(':')[1:])}"
try:
self.__sql_engine = create_engine(
sqlalchemy_string,
encoding="utf-8",
future=True,
logging_name="sqlalchemy.engine",
)
except ArgumentError:
self.__logger.error(f"Invalid database URI: {sqlalchemy_string}")
except SQLAlchemyError:
self.__logger.error(
f"Error when trying to create the engine: {format_exc()}"
)
self.__sql_engine = create_engine(
sqlalchemy_string,
encoding="utf-8",
future=True,
logging_name="sqlalchemy.engine",
)
not_connected = True
retries = 5
@ -53,7 +90,7 @@ class Database:
try:
self.__sql_engine.connect()
not_connected = False
except SQLAlchemyError:
except (OperationalError, DatabaseError):
if retries <= 0:
self.__logger.error(
f"Can't connect to database : {format_exc()}",
@ -65,6 +102,10 @@ class Database:
)
retries -= 1
sleep(5)
except SQLAlchemyError:
self.__logger.error(
f"Error when trying to connect to the database: {format_exc()}"
)
self.__session = sessionmaker()
self.__sql_session = scoped_session(self.__session)
@ -150,7 +191,7 @@ class Database:
.first()
)
return metadata is not None and metadata.is_initialized
except (ProgrammingError, OperationalError):
except (ProgrammingError, OperationalError, DatabaseError):
return False
def initialize_db(self, version: str, integration: str = "Unknown") -> str:
@ -230,6 +271,7 @@ class Database:
)
for job in jobs:
job["file_name"] = job.pop("file")
to_put.append(Jobs(plugin_id=plugin["id"], **job))
if exists(f"/usr/share/bunkerweb/core/{plugin['id']}/ui"):
@ -282,6 +324,7 @@ class Database:
if (
server_name
and session.query(Services)
.with_entities(Services.id)
.filter_by(id=server_name)
.first()
is None
@ -320,6 +363,7 @@ class Database:
if service_setting is None:
if key != "SERVER_NAME" and (
value == setting.default
or (value == "" and setting.default is None)
or (key in config and value == config[key])
):
continue
@ -336,6 +380,7 @@ class Database:
elif method == "autoconf":
if key != "SERVER_NAME" and (
value == setting.default
or (value == "" and setting.default is None)
or (key in config and value == config[key])
):
session.query(Services_settings).filter(
@ -367,7 +412,9 @@ class Database:
)
if global_value is None:
if value == setting.default:
if value == setting.default or (
value == "" and setting.default is None
):
continue
to_put.append(
@ -379,7 +426,9 @@ class Database:
)
)
elif method == "autoconf":
if value == setting.default:
if value == setting.default or (
value == "" and setting.default is None
):
session.query(Global_values).filter(
Global_values.setting_id == key,
Global_values.suffix == suffix,
@ -411,7 +460,11 @@ class Database:
.first()
)
if setting and value == setting.default:
if (
setting
and value == setting.default
or (value == "" and setting.default is None)
):
continue
global_value = (
@ -570,10 +623,11 @@ class Database:
if global_value is None:
if suffix == 0:
default = setting.default or ""
config[setting.id] = (
setting.default
default
if methods is False
else {"value": setting.default, "method": "default"}
else {"value": default, "method": "default"}
)
else:
config[
@ -718,7 +772,7 @@ class Database:
"""Update the plugin cache in the database"""
with self.__db_session() as session:
cache = (
session.query(Job_cache)
session.query(Jobs_cache)
.filter_by(
job_name=job_name, service_id=service_id, file_name=file_name
)
@ -727,7 +781,7 @@ class Database:
if cache is None:
session.add(
Job_cache(
Jobs_cache(
job_name=job_name,
service_id=service_id,
file_name=file_name,
@ -806,6 +860,7 @@ class Database:
db_settings = (
session.query(Settings)
.with_entities(Settings.id)
.filter_by(plugin_id=plugin["id"])
.all()
)
@ -870,12 +925,13 @@ class Database:
updates[Settings.multiple] = value["multiple"]
if updates:
session.query(Settings).filter_by(
session.query(Settings).filter(
Settings.id == setting
).update(updates)
db_selects = (
session.query(Selects)
.with_entities(Selects.value)
.filter_by(setting_id=setting)
.all()
)
@ -905,7 +961,10 @@ class Database:
)
db_jobs = (
session.query(Jobs).filter_by(plugin_id=plugin["id"]).all()
session.query(Jobs)
.with_entities(Jobs.name)
.filter_by(plugin_id=plugin["id"])
.all()
)
job_names = [job["name"] for job in jobs]
missing_names = [
@ -918,9 +977,17 @@ class Database:
).delete()
for job in jobs:
db_job = session.query(Jobs).get(job["name"])
db_job = (
session.query(Jobs)
.with_entities(
Jobs.id, Jobs.file_name, Jobs.every, Jobs.reload
)
.filter_by(name=job["name"], plugin_id=plugin["id"])
.first()
)
if job["name"] not in db_ids or db_job is None:
job["file_name"] = job.pop("file")
to_put.append(
Jobs(
plugin_id=plugin["id"],
@ -930,8 +997,8 @@ class Database:
else:
updates = {}
if job["file"] != db_job.file:
updates[Jobs.file] = job["file"]
if job["file_name"] != db_job.file_name:
updates[Jobs.file_name] = job["file_name"]
if job["every"] != db_job.every:
updates[Jobs.every] = job["every"]
@ -941,10 +1008,10 @@ class Database:
if updates:
updates[Jobs.last_update] = None
session.query(Job_cache).filter_by(
job_name=job["name"]
session.query(Jobs_cache).filter(
Jobs_cache.job_name == job["name"]
).delete()
session.query(Jobs).filter_by(
session.query(Jobs).filter(
Jobs.name == job["name"]
).update(updates)
@ -954,6 +1021,10 @@ class Database:
):
db_plugin_page = (
session.query(Plugin_pages)
.with_entities(
Plugin_pages.template_checksum,
Plugin_pages.actions_checksum,
)
.filter_by(plugin_id=plugin["id"])
.first()
)
@ -1054,6 +1125,7 @@ class Database:
)
for job in jobs:
job["file_name"] = job.pop("file")
to_put.append(Jobs(plugin_id=plugin["id"], **job))
for page in pages:

74
src/common/db/model.py
View File

@ -1,24 +1,26 @@
from sqlalchemy import (
TIMESTAMP,
Boolean,
Column,
DateTime,
Enum,
ForeignKey,
Identity,
Integer,
LargeBinary,
PrimaryKeyConstraint,
SmallInteger,
String,
text,
TIMESTAMP,
)
from sqlalchemy.orm import declarative_base, relationship
from sqlalchemy.schema import UniqueConstraint
Base = declarative_base()
CONTEXTS_ENUM = Enum("global", "multisite")
SETTINGS_TYPES_ENUM = Enum("text", "check", "select")
METHODS_ENUM = Enum("ui", "scheduler", "autoconf", "manual")
SCHEDULES_ENUM = Enum("once", "minute", "hour", "day", "week")
CUSTOM_CONFIGS_TYPES = Enum(
CONTEXTS_ENUM = Enum("global", "multisite", name="contexts_enum")
SETTINGS_TYPES_ENUM = Enum("text", "check", "select", name="settings_types_enum")
METHODS_ENUM = Enum("ui", "scheduler", "autoconf", "manual", name="methods_enum")
SCHEDULES_ENUM = Enum("once", "minute", "hour", "day", "week", name="schedules_enum")
CUSTOM_CONFIGS_TYPES_ENUM = Enum(
"http",
"default_server_http",
"server_http",
@ -26,8 +28,9 @@ CUSTOM_CONFIGS_TYPES = Enum(
"modsec_crs",
"stream",
"stream_http",
name="custom_configs_types_enum",
)
LOG_LEVELS_ENUM = Enum("DEBUG", "INFO", "WARNING", "ERROR")
LOG_LEVELS_ENUM = Enum("DEBUG", "INFO", "WARNING", "ERROR", name="log_levels_enum")
INTEGRATIONS_ENUM = Enum(
"Linux",
"Docker",
@ -36,7 +39,9 @@ INTEGRATIONS_ENUM = Enum(
"Autoconf",
"Windows",
"Unknown",
name="integrations_enum",
)
Base = declarative_base()
class Plugins(Base):
@ -60,6 +65,11 @@ class Plugins(Base):
class Settings(Base):
__tablename__ = "settings"
__table_args__ = (
PrimaryKeyConstraint("id", "name"),
UniqueConstraint("id"),
UniqueConstraint("name"),
)
id = Column(String(255), primary_key=True)
name = Column(String(255), primary_key=True)
@ -69,7 +79,7 @@ class Settings(Base):
nullable=False,
)
context = Column(CONTEXTS_ENUM, nullable=False)
default = Column(String(1023), nullable=False)
default = Column(String(1023), nullable=True, default="")
help = Column(String(255), nullable=False)
label = Column(String(255), nullable=True)
regex = Column(String(255), nullable=False)
@ -113,7 +123,7 @@ class Services(Base):
"Custom_configs", back_populates="service", cascade="all, delete"
)
jobs_cache = relationship(
"Job_cache", back_populates="service", cascade="all, delete"
"Jobs_cache", back_populates="service", cascade="all, delete"
)
@ -140,27 +150,31 @@ class Services_settings(Base):
class Jobs(Base):
__tablename__ = "jobs"
__table_args__ = (UniqueConstraint("name", "plugin_id"),)
name = Column(String(128), primary_key=True)
plugin_id = Column(
String(64),
ForeignKey("plugins.id", onupdate="CASCADE", ondelete="CASCADE"),
primary_key=True,
)
file = Column(String(255), nullable=False)
file_name = Column(String(255), nullable=False)
every = Column(SCHEDULES_ENUM, nullable=False)
reload = Column(Boolean, nullable=False)
success = Column(Boolean, nullable=True)
last_run = Column(DateTime, nullable=True)
plugin = relationship("Plugins", back_populates="jobs")
cache = relationship("Job_cache", back_populates="job", cascade="all, delete")
cache = relationship("Jobs_cache", back_populates="job", cascade="all, delete")
class Plugin_pages(Base):
__tablename__ = "plugin_pages"
id = Column(Integer, primary_key=True)
id = Column(
Integer,
Identity(start=1, increment=1),
primary_key=True,
)
plugin_id = Column(
String(64),
ForeignKey("plugins.id", onupdate="CASCADE", ondelete="CASCADE"),
@ -174,10 +188,15 @@ class Plugin_pages(Base):
plugin = relationship("Plugins", back_populates="pages")
class Job_cache(Base):
__tablename__ = "job_cache"
class Jobs_cache(Base):
__tablename__ = "jobs_cache"
__table_args__ = (UniqueConstraint("job_name", "service_id", "file_name"),)
id = Column(Integer, primary_key=True)
id = Column(
Integer,
Identity(start=1, increment=1),
primary_key=True,
)
job_name = Column(
String(128),
ForeignKey("jobs.name", onupdate="CASCADE", ondelete="CASCADE"),
@ -199,23 +218,22 @@ class Job_cache(Base):
job = relationship("Jobs", back_populates="cache")
service = relationship("Services", back_populates="jobs_cache")
__table_args__ = (
UniqueConstraint(
"job_name", "service_id", "file_name", name="_job_cache_uniqueness"
),
)
class Custom_configs(Base):
__tablename__ = "custom_configs"
__table_args__ = (UniqueConstraint("service_id", "type", "name"),)
id = Column(Integer, primary_key=True)
id = Column(
Integer,
Identity(start=1, increment=1),
primary_key=True,
)
service_id = Column(
String(64),
ForeignKey("services.id", onupdate="CASCADE", ondelete="CASCADE"),
nullable=True,
)
type = Column(CUSTOM_CONFIGS_TYPES, nullable=False)
type = Column(CUSTOM_CONFIGS_TYPES_ENUM, nullable=False)
name = Column(String(255), nullable=False)
data = Column(LargeBinary(length=(2**32) - 1), nullable=False)
checksum = Column(String(128), nullable=False)
@ -223,12 +241,6 @@ class Custom_configs(Base):
service = relationship("Services", back_populates="custom_configs")
__table_args__ = (
UniqueConstraint(
"service_id", "type", "name", name="_custom_configs_uniqueness"
),
)
class Selects(Base):
__tablename__ = "selects"

4
src/common/db/requirements.in
View File

@ -1,2 +1,4 @@
sqlalchemy==1.4.43
pymysql==1.0.2
psycopg2-binary==2.9.5
PyMySQL==1.0.2
oracledb==1.1.1

196
src/common/db/requirements.txt
View File

@ -4,6 +4,100 @@
#
# pip-compile --allow-unsafe --generate-hashes
#
cffi==1.15.1 \
--hash=sha256:00a9ed42e88df81ffae7a8ab6d9356b371399b91dbdf0c3cb1e84c03a13aceb5 \
--hash=sha256:03425bdae262c76aad70202debd780501fabeaca237cdfddc008987c0e0f59ef \
--hash=sha256:04ed324bda3cda42b9b695d51bb7d54b680b9719cfab04227cdd1e04e5de3104 \
--hash=sha256:0e2642fe3142e4cc4af0799748233ad6da94c62a8bec3a6648bf8ee68b1c7426 \
--hash=sha256:173379135477dc8cac4bc58f45db08ab45d228b3363adb7af79436135d028405 \
--hash=sha256:198caafb44239b60e252492445da556afafc7d1e3ab7a1fb3f0584ef6d742375 \
--hash=sha256:1e74c6b51a9ed6589199c787bf5f9875612ca4a8a0785fb2d4a84429badaf22a \
--hash=sha256:2012c72d854c2d03e45d06ae57f40d78e5770d252f195b93f581acf3ba44496e \
--hash=sha256:21157295583fe8943475029ed5abdcf71eb3911894724e360acff1d61c1d54bc \
--hash=sha256:2470043b93ff09bf8fb1d46d1cb756ce6132c54826661a32d4e4d132e1977adf \
--hash=sha256:285d29981935eb726a4399badae8f0ffdff4f5050eaa6d0cfc3f64b857b77185 \
--hash=sha256:30d78fbc8ebf9c92c9b7823ee18eb92f2e6ef79b45ac84db507f52fbe3ec4497 \
--hash=sha256:320dab6e7cb2eacdf0e658569d2575c4dad258c0fcc794f46215e1e39f90f2c3 \
--hash=sha256:33ab79603146aace82c2427da5ca6e58f2b3f2fb5da893ceac0c42218a40be35 \
--hash=sha256:3548db281cd7d2561c9ad9984681c95f7b0e38881201e157833a2342c30d5e8c \
--hash=sha256:3799aecf2e17cf585d977b780ce79ff0dc9b78d799fc694221ce814c2c19db83 \
--hash=sha256:39d39875251ca8f612b6f33e6b1195af86d1b3e60086068be9cc053aa4376e21 \
--hash=sha256:3b926aa83d1edb5aa5b427b4053dc420ec295a08e40911296b9eb1b6170f6cca \
--hash=sha256:3bcde07039e586f91b45c88f8583ea7cf7a0770df3a1649627bf598332cb6984 \
--hash=sha256:3d08afd128ddaa624a48cf2b859afef385b720bb4b43df214f85616922e6a5ac \
--hash=sha256:3eb6971dcff08619f8d91607cfc726518b6fa2a9eba42856be181c6d0d9515fd \
--hash=sha256:40f4774f5a9d4f5e344f31a32b5096977b5d48560c5592e2f3d2c4374bd543ee \
--hash=sha256:4289fc34b2f5316fbb762d75362931e351941fa95fa18789191b33fc4cf9504a \
--hash=sha256:470c103ae716238bbe698d67ad020e1db9d9dba34fa5a899b5e21577e6d52ed2 \
--hash=sha256:4f2c9f67e9821cad2e5f480bc8d83b8742896f1242dba247911072d4fa94c192 \
--hash=sha256:50a74364d85fd319352182ef59c5c790484a336f6db772c1a9231f1c3ed0cbd7 \
--hash=sha256:54a2db7b78338edd780e7ef7f9f6c442500fb0d41a5a4ea24fff1c929d5af585 \
--hash=sha256:5635bd9cb9731e6d4a1132a498dd34f764034a8ce60cef4f5319c0541159392f \
--hash=sha256:59c0b02d0a6c384d453fece7566d1c7e6b7bae4fc5874ef2ef46d56776d61c9e \
--hash=sha256:5d598b938678ebf3c67377cdd45e09d431369c3b1a5b331058c338e201f12b27 \
--hash=sha256:5df2768244d19ab7f60546d0c7c63ce1581f7af8b5de3eb3004b9b6fc8a9f84b \
--hash=sha256:5ef34d190326c3b1f822a5b7a45f6c4535e2f47ed06fec77d3d799c450b2651e \
--hash=sha256:6975a3fac6bc83c4a65c9f9fcab9e47019a11d3d2cf7f3c0d03431bf145a941e \
--hash=sha256:6c9a799e985904922a4d207a94eae35c78ebae90e128f0c4e521ce339396be9d \
--hash=sha256:70df4e3b545a17496c9b3f41f5115e69a4f2e77e94e1d2a8e1070bc0c38c8a3c \
--hash=sha256:7473e861101c9e72452f9bf8acb984947aa1661a7704553a9f6e4baa5ba64415 \
--hash=sha256:8102eaf27e1e448db915d08afa8b41d6c7ca7a04b7d73af6514df10a3e74bd82 \
--hash=sha256:87c450779d0914f2861b8526e035c5e6da0a3199d8f1add1a665e1cbc6fc6d02 \
--hash=sha256:8b7ee99e510d7b66cdb6c593f21c043c248537a32e0bedf02e01e9553a172314 \
--hash=sha256:91fc98adde3d7881af9b59ed0294046f3806221863722ba7d8d120c575314325 \
--hash=sha256:94411f22c3985acaec6f83c6df553f2dbe17b698cc7f8ae751ff2237d96b9e3c \
--hash=sha256:98d85c6a2bef81588d9227dde12db8a7f47f639f4a17c9ae08e773aa9c697bf3 \
--hash=sha256:9ad5db27f9cabae298d151c85cf2bad1d359a1b9c686a275df03385758e2f914 \
--hash=sha256:a0b71b1b8fbf2b96e41c4d990244165e2c9be83d54962a9a1d118fd8657d2045 \
--hash=sha256:a0f100c8912c114ff53e1202d0078b425bee3649ae34d7b070e9697f93c5d52d \
--hash=sha256:a591fe9e525846e4d154205572a029f653ada1a78b93697f3b5a8f1f2bc055b9 \
--hash=sha256:a5c84c68147988265e60416b57fc83425a78058853509c1b0629c180094904a5 \
--hash=sha256:a66d3508133af6e8548451b25058d5812812ec3798c886bf38ed24a98216fab2 \
--hash=sha256:a8c4917bd7ad33e8eb21e9a5bbba979b49d9a97acb3a803092cbc1133e20343c \
--hash=sha256:b3bbeb01c2b273cca1e1e0c5df57f12dce9a4dd331b4fa1635b8bec26350bde3 \
--hash=sha256:cba9d6b9a7d64d4bd46167096fc9d2f835e25d7e4c121fb2ddfc6528fb0413b2 \
--hash=sha256:cc4d65aeeaa04136a12677d3dd0b1c0c94dc43abac5860ab33cceb42b801c1e8 \
--hash=sha256:ce4bcc037df4fc5e3d184794f27bdaab018943698f4ca31630bc7f84a7b69c6d \
--hash=sha256:cec7d9412a9102bdc577382c3929b337320c4c4c4849f2c5cdd14d7368c5562d \
--hash=sha256:d400bfb9a37b1351253cb402671cea7e89bdecc294e8016a707f6d1d8ac934f9 \
--hash=sha256:d61f4695e6c866a23a21acab0509af1cdfd2c013cf256bbf5b6b5e2695827162 \
--hash=sha256:db0fbb9c62743ce59a9ff687eb5f4afbe77e5e8403d6697f7446e5f609976f76 \
--hash=sha256:dd86c085fae2efd48ac91dd7ccffcfc0571387fe1193d33b6394db7ef31fe2a4 \
--hash=sha256:e00b098126fd45523dd056d2efba6c5a63b71ffe9f2bbe1a4fe1716e1d0c331e \
--hash=sha256:e229a521186c75c8ad9490854fd8bbdd9a0c9aa3a524326b55be83b54d4e0ad9 \
--hash=sha256:e263d77ee3dd201c3a142934a086a4450861778baaeeb45db4591ef65550b0a6 \
--hash=sha256:ed9cb427ba5504c1dc15ede7d516b84757c3e3d7868ccc85121d9310d27eed0b \
--hash=sha256:fa6693661a4c91757f4412306191b6dc88c1703f780c8234035eac011922bc01 \
--hash=sha256:fcd131dd944808b5bdb38e6f5b53013c5aa4f334c5cad0c72742f6eba4b73db0
# via cryptography
cryptography==38.0.3 \
--hash=sha256:068147f32fa662c81aebab95c74679b401b12b57494872886eb5c1139250ec5d \
--hash=sha256:06fc3cc7b6f6cca87bd56ec80a580c88f1da5306f505876a71c8cfa7050257dd \
--hash=sha256:25c1d1f19729fb09d42e06b4bf9895212292cb27bb50229f5aa64d039ab29146 \
--hash=sha256:402852a0aea73833d982cabb6d0c3bb582c15483d29fb7085ef2c42bfa7e38d7 \
--hash=sha256:4e269dcd9b102c5a3d72be3c45d8ce20377b8076a43cbed6f660a1afe365e436 \
--hash=sha256:5419a127426084933076132d317911e3c6eb77568a1ce23c3ac1e12d111e61e0 \
--hash=sha256:554bec92ee7d1e9d10ded2f7e92a5d70c1f74ba9524947c0ba0c850c7b011828 \
--hash=sha256:5e89468fbd2fcd733b5899333bc54d0d06c80e04cd23d8c6f3e0542358c6060b \
--hash=sha256:65535bc550b70bd6271984d9863a37741352b4aad6fb1b3344a54e6950249b55 \
--hash=sha256:6ab9516b85bebe7aa83f309bacc5f44a61eeb90d0b4ec125d2d003ce41932d36 \
--hash=sha256:6addc3b6d593cd980989261dc1cce38263c76954d758c3c94de51f1e010c9a50 \
--hash=sha256:728f2694fa743a996d7784a6194da430f197d5c58e2f4e278612b359f455e4a2 \
--hash=sha256:785e4056b5a8b28f05a533fab69febf5004458e20dad7e2e13a3120d8ecec75a \
--hash=sha256:78cf5eefac2b52c10398a42765bfa981ce2372cbc0457e6bf9658f41ec3c41d8 \
--hash=sha256:7f836217000342d448e1c9a342e9163149e45d5b5eca76a30e84503a5a96cab0 \
--hash=sha256:8d41a46251bf0634e21fac50ffd643216ccecfaf3701a063257fe0b2be1b6548 \
--hash=sha256:984fe150f350a3c91e84de405fe49e688aa6092b3525f407a18b9646f6612320 \
--hash=sha256:9b24bcff7853ed18a63cfb0c2b008936a9554af24af2fb146e16d8e1aed75748 \
--hash=sha256:b1b35d9d3a65542ed2e9d90115dfd16bbc027b3f07ee3304fc83580f26e43249 \
--hash=sha256:b1b52c9e5f8aa2b802d48bd693190341fae201ea51c7a167d69fc48b60e8a959 \
--hash=sha256:bbf203f1a814007ce24bd4d51362991d5cb90ba0c177a9c08825f2cc304d871f \
--hash=sha256:be243c7e2bfcf6cc4cb350c0d5cdf15ca6383bbcb2a8ef51d3c9411a9d4386f0 \
--hash=sha256:bfbe6ee19615b07a98b1d2287d6a6073f734735b49ee45b11324d85efc4d5cbd \
--hash=sha256:c46837ea467ed1efea562bbeb543994c2d1f6e800785bd5a2c98bc096f5cb220 \
--hash=sha256:dfb4f4dd568de1b6af9f4cda334adf7d72cf5bc052516e1b2608b683375dd95c \
--hash=sha256:ed7b00096790213e09eb11c97cc6e2b757f15f3d2f85833cd2d3ec3fe37c1722
# via oracledb
greenlet==2.0.1 \
--hash=sha256:0109af1138afbfb8ae647e31a2b1ab030f58b21dd8528c27beaeb0093b7938a9 \
--hash=sha256:0459d94f73265744fee4c2d5ec44c6f34aa8a31017e6e9de770f7bcf29710be9 \
@ -66,6 +160,108 @@ greenlet==2.0.1 \
--hash=sha256:f6327b6907b4cb72f650a5b7b1be23a2aab395017aa6f1adb13069d66360eb3f \
--hash=sha256:fb412b7db83fe56847df9c47b6fe3f13911b06339c2aa02dcc09dce8bbf582cd
# via sqlalchemy
oracledb==1.1.1 \
--hash=sha256:07846a86f481f9105dbf53390e1cb6b422ac929717949fbe9f2251a11a8f4332 \
--hash=sha256:0f731830519aef5b8c90c051ac631bdb9458a960a95945532dcf91c2cb66edf2 \
--hash=sha256:0f7ab47b95b5c7dad464fbcdad0731ee2e99defdecaf2d05808bceb7038d2489 \
--hash=sha256:24296ff54bca75c3b26df7b988a3b49ccd51d6070fc15d4e1cafafb277361f97 \
--hash=sha256:36d767d2e2a6abbb3f52ea76625f040bdaf32a141a4aa64942952e7e99051e0b \
--hash=sha256:393245177e3a0fcddbbc4f738fe8bdff92d19f7656f0baf87aaef8c12ee0fe62 \
--hash=sha256:39bf05208ada7c99ff85cd879f2a9f64c8f8fe73d4ce11d037f2bbedab0c4020 \
--hash=sha256:6a0ddb1f248912d1b5bbbef191f60d9e9b00700085004de068fa1986e0755295 \
--hash=sha256:6c643aa1826129af55688dc0a4a78a0525c991e17da26390e9f676067f92ddfe \
--hash=sha256:6cf4f9031b8c6262d75aac1af3c8246a73697ebcf91fd33eb0c82f6cd2100716 \
--hash=sha256:73f98552bb283baf385dba06a75d1de77f14d5870334c25ea5054e9d32fb6d1e \
--hash=sha256:7c5bd39b08c8adbf7a92385cb3a3689976301249364003929f71d4559fbf95c5 \
--hash=sha256:878cd5e18e0ad5885d1a74fd9a5f2e38eb320b6902ba63ad0a51aebd4bb4d68a \
--hash=sha256:88319c122f190b02ddf99cd278c1a7942c361b0037f8d9cf83142b4019c09602 \
--hash=sha256:8e0525c23b9a349a0ca63d6c2ef8e0fc6c526f2fffae8087ca5b43cef9969d6a \
--hash=sha256:90e01f66a1251da02f2dea4ac42a591e22b1c0b67ba2a6964fd01ef09a014b82 \
--hash=sha256:9be9d00b3f3118bacdffef8a9173a2ea3188552083d93129b1ab8c7907b3eea4 \
--hash=sha256:da65ea1b598de23ef9453cf6dfa3c7cc0f1645c9c63058098b1a92ed0d0619fb \
--hash=sha256:df25a33c00cd294cfee7b1112243a3b0d8d17982d1be301ba7c0b4c82eb8bc88 \
--hash=sha256:dffcc7fe4292b2382c3e8c0c81b83f409ad8d7ddcfaee090dc2d9e3b4f4ca2c9 \
--hash=sha256:f1aba62d17b2d2c91c410f384e05fdc94c1b36cb82ebb136842c82a37b7f981e \
--hash=sha256:f233a4d374379e5ecd86e776f2061308f5c2655ff62c2bdb43d8d7b9969cbc88 \
--hash=sha256:f35f8368dcd3adc33d1a695434fd994f78bb56a258136a6812b244e4ada24585
# via -r requirements.in
psycopg2-binary==2.9.5 \
--hash=sha256:00475004e5ed3e3bf5e056d66e5dcdf41a0dc62efcd57997acd9135c40a08a50 \
--hash=sha256:01ad49d68dd8c5362e4bfb4158f2896dc6e0c02e87b8a3770fc003459f1a4425 \
--hash=sha256:024030b13bdcbd53d8a93891a2cf07719715724fc9fee40243f3bd78b4264b8f \
--hash=sha256:02551647542f2bf89073d129c73c05a25c372fc0a49aa50e0de65c3c143d8bd0 \
--hash=sha256:043a9fd45a03858ff72364b4b75090679bd875ee44df9c0613dc862ca6b98460 \
--hash=sha256:05b3d479425e047c848b9782cd7aac9c6727ce23181eb9647baf64ffdfc3da41 \
--hash=sha256:0775d6252ccb22b15da3b5d7adbbf8cfe284916b14b6dc0ff503a23edb01ee85 \
--hash=sha256:1764546ffeaed4f9428707be61d68972eb5ede81239b46a45843e0071104d0dd \
--hash=sha256:1e491e6489a6cb1d079df8eaa15957c277fdedb102b6a68cfbf40c4994412fd0 \
--hash=sha256:212757ffcecb3e1a5338d4e6761bf9c04f750e7d027117e74aa3cd8a75bb6fbd \
--hash=sha256:215d6bf7e66732a514f47614f828d8c0aaac9a648c46a831955cb103473c7147 \
--hash=sha256:25382c7d174c679ce6927c16b6fbb68b10e56ee44b1acb40671e02d29f2fce7c \
--hash=sha256:2abccab84d057723d2ca8f99ff7b619285d40da6814d50366f61f0fc385c3903 \
--hash=sha256:2d964eb24c8b021623df1c93c626671420c6efadbdb8655cb2bd5e0c6fa422ba \
--hash=sha256:2ec46ed947801652c9643e0b1dc334cfb2781232e375ba97312c2fc256597632 \
--hash=sha256:2ef892cabdccefe577088a79580301f09f2a713eb239f4f9f62b2b29cafb0577 \
--hash=sha256:33e632d0885b95a8b97165899006c40e9ecdc634a529dca7b991eb7de4ece41c \
--hash=sha256:3520d7af1ebc838cc6084a3281145d5cd5bdd43fdef139e6db5af01b92596cb7 \
--hash=sha256:3d790f84201c3698d1bfb404c917f36e40531577a6dda02e45ba29b64d539867 \
--hash=sha256:3fc33295cfccad697a97a76dec3f1e94ad848b7b163c3228c1636977966b51e2 \
--hash=sha256:422e3d43b47ac20141bc84b3d342eead8d8099a62881a501e97d15f6addabfe9 \
--hash=sha256:426c2ae999135d64e6a18849a7d1ad0e1bd007277e4a8f4752eaa40a96b550ff \
--hash=sha256:46512486be6fbceef51d7660dec017394ba3e170299d1dc30928cbedebbf103a \
--hash=sha256:46850a640df62ae940e34a163f72e26aca1f88e2da79148e1862faaac985c302 \
--hash=sha256:484405b883630f3e74ed32041a87456c5e0e63a8e3429aa93e8714c366d62bd1 \
--hash=sha256:4e7904d1920c0c89105c0517dc7e3f5c20fb4e56ba9cdef13048db76947f1d79 \
--hash=sha256:56b2957a145f816726b109ee3d4e6822c23f919a7d91af5a94593723ed667835 \
--hash=sha256:5c6527c8efa5226a9e787507652dd5ba97b62d29b53c371a85cd13f957fe4d42 \
--hash=sha256:5cbc554ba47ecca8cd3396ddaca85e1ecfe3e48dd57dc5e415e59551affe568e \
--hash=sha256:5d28ecdf191db558d0c07d0f16524ee9d67896edf2b7990eea800abeb23ebd61 \
--hash=sha256:5fc447058d083b8c6ac076fc26b446d44f0145308465d745fba93a28c14c9e32 \
--hash=sha256:63e318dbe52709ed10d516a356f22a635e07a2e34c68145484ed96a19b0c4c68 \
--hash=sha256:68d81a2fe184030aa0c5c11e518292e15d342a667184d91e30644c9d533e53e1 \
--hash=sha256:6e63814ec71db9bdb42905c925639f319c80e7909fb76c3b84edc79dadef8d60 \
--hash=sha256:6f8a9bcab7b6db2e3dbf65b214dfc795b4c6b3bb3af922901b6a67f7cb47d5f8 \
--hash=sha256:70831e03bd53702c941da1a1ad36c17d825a24fbb26857b40913d58df82ec18b \
--hash=sha256:74eddec4537ab1f701a1647214734bc52cee2794df748f6ae5908e00771f180a \
--hash=sha256:7b3751857da3e224f5629400736a7b11e940b5da5f95fa631d86219a1beaafec \
--hash=sha256:7cf1d44e710ca3a9ce952bda2855830fe9f9017ed6259e01fcd71ea6287565f5 \
--hash=sha256:7d07f552d1e412f4b4e64ce386d4c777a41da3b33f7098b6219012ba534fb2c2 \
--hash=sha256:7d88db096fa19d94f433420eaaf9f3c45382da2dd014b93e4bf3215639047c16 \
--hash=sha256:7ee3095d02d6f38bd7d9a5358fcc9ea78fcdb7176921528dd709cc63f40184f5 \
--hash=sha256:902844f9c4fb19b17dfa84d9e2ca053d4a4ba265723d62ea5c9c26b38e0aa1e6 \
--hash=sha256:937880290775033a743f4836aa253087b85e62784b63fd099ee725d567a48aa1 \
--hash=sha256:95076399ec3b27a8f7fa1cc9a83417b1c920d55cf7a97f718a94efbb96c7f503 \
--hash=sha256:9c38d3869238e9d3409239bc05bc27d6b7c99c2a460ea337d2814b35fb4fea1b \
--hash=sha256:9e32cedc389bcb76d9f24ea8a012b3cb8385ee362ea437e1d012ffaed106c17d \
--hash=sha256:9ffdc51001136b699f9563b1c74cc1f8c07f66ef7219beb6417a4c8aaa896c28 \
--hash=sha256:a0adef094c49f242122bb145c3c8af442070dc0e4312db17e49058c1702606d4 \
--hash=sha256:a36a0e791805aa136e9cbd0ffa040d09adec8610453ee8a753f23481a0057af5 \
--hash=sha256:a7e518a0911c50f60313cb9e74a169a65b5d293770db4770ebf004245f24b5c5 \
--hash=sha256:af0516e1711995cb08dc19bbd05bec7dbdebf4185f68870595156718d237df3e \
--hash=sha256:b8104f709590fff72af801e916817560dbe1698028cd0afe5a52d75ceb1fce5f \
--hash=sha256:b911dfb727e247340d36ae20c4b9259e4a64013ab9888ccb3cbba69b77fd9636 \
--hash=sha256:b9a794cef1d9c1772b94a72eec6da144c18e18041d294a9ab47669bc77a80c1d \
--hash=sha256:b9c33d4aef08dfecbd1736ceab8b7b3c4358bf10a0121483e5cd60d3d308cc64 \
--hash=sha256:b9d38a4656e4e715d637abdf7296e98d6267df0cc0a8e9a016f8ba07e4aa3eeb \
--hash=sha256:bcda1c84a1c533c528356da5490d464a139b6e84eb77cc0b432e38c5c6dd7882 \
--hash=sha256:bef7e3f9dc6f0c13afdd671008534be5744e0e682fb851584c8c3a025ec09720 \
--hash=sha256:c15ba5982c177bc4b23a7940c7e4394197e2d6a424a2d282e7c236b66da6d896 \
--hash=sha256:c5254cbd4f4855e11cebf678c1a848a3042d455a22a4ce61349c36aafd4c2267 \
--hash=sha256:c5682a45df7d9642eff590abc73157c887a68f016df0a8ad722dcc0f888f56d7 \
--hash=sha256:c5e65c6ac0ae4bf5bef1667029f81010b6017795dcb817ba5c7b8a8d61fab76f \
--hash=sha256:d4c7b3a31502184e856df1f7bbb2c3735a05a8ce0ade34c5277e1577738a5c91 \
--hash=sha256:d892bfa1d023c3781a3cab8dd5af76b626c483484d782e8bd047c180db590e4c \
--hash=sha256:dbc332beaf8492b5731229a881807cd7b91b50dbbbaf7fe2faf46942eda64a24 \
--hash=sha256:dc85b3777068ed30aff8242be2813038a929f2084f69e43ef869daddae50f6ee \
--hash=sha256:e59137cdb970249ae60be2a49774c6dfb015bd0403f05af1fe61862e9626642d \
--hash=sha256:e67b3c26e9b6d37b370c83aa790bbc121775c57bfb096c2e77eacca25fd0233b \
--hash=sha256:e72c91bda9880f097c8aa3601a2c0de6c708763ba8128006151f496ca9065935 \
--hash=sha256:f95b8aca2703d6a30249f83f4fe6a9abf2e627aa892a5caaab2267d56be7ab69
# via -r requirements.in
pycparser==2.21 \
--hash=sha256:8ee45429555515e1f6b185e78100aea234072576aa43ab53aefcae078162fca9 \
--hash=sha256:e644fdec12f7872f86c58ff790da456218b10f863970249516d60a5eaca77206
# via cffi
pymysql==1.0.2 \
--hash=sha256:41fc3a0c5013d5f039639442321185532e3e2c8924687abe6537de157d403641 \
--hash=sha256:816927a350f38d56072aeca5dfb10221fe1dc653745853d30a216637f5d7ad36

2
src/common/gen/Templator.py
View File

@ -1,7 +1,6 @@
from copy import deepcopy
from glob import glob
from importlib import import_module
from os import environ
from os.path import basename, dirname, isdir
from pathlib import Path
from random import choice
@ -25,7 +24,6 @@ class Templator:
self.__target += "/"
self.__config = config
self.__jinja_env = self.__load_jinja_env()
environ.update(config)
def render(self):
self.__render_global()

7
src/common/helpers/install.sh
View File

@ -414,10 +414,11 @@ fi
# Install Python dependencies
echo " Install python dependencies"
do_and_check_cmd pip3 install --upgrade pip
do_and_check_cmd pip3 install -r /tmp/bunkerweb/gen/requirements.txt
do_and_check_cmd pip3 install -r /tmp/bunkerweb/job/requirements.txt
do_and_check_cmd pip3 install --no-cache-dir --require-hashes -r /tmp/bunkerweb/common/gen/requirements.txt
if [ "$OS" != "alpine" ] ; then
do_and_check_cmd pip3 install -r /tmp/bunkerweb/ui/requirements.txt
do_and_check_cmd pip3 install --no-cache-dir --require-hashes -r /tmp/bunkerweb/common/db/requirements.txt
do_and_check_cmd pip3 install --no-cache-dir --require-hashes -r /tmp/bunkerweb/scheduler/requirements.txt
do_and_check_cmd pip3 install --no-cache-dir --require-hashes -r /tmp/bunkerweb/ui/requirements.txt
fi
do_and_check_cmd pip3 install cryptography --upgrade

9
src/scheduler/Dockerfile
View File

@ -10,10 +10,13 @@ RUN mkdir -p /usr/share/bunkerweb/deps && \
rm -rf /tmp/req
# Install python requirements
RUN pip install --no-cache-dir --upgrade pip && \
RUN apk add --no-cache --virtual .build-deps g++ gcc && \
pip install --no-cache-dir --upgrade pip && \
pip install wheel && \
mkdir /usr/share/bunkerweb/deps/python && \
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt
mkdir -p /usr/share/bunkerweb/deps/python && \
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
pip install --no-cache-dir gunicorn && \
apk del .build-deps
# Copy files
# can't exclude specific files/dir from . so we are copying everything by hand

14
src/scheduler/JobScheduler.py
View File

@ -22,7 +22,7 @@ from ApiCaller import ApiCaller
class JobScheduler(ApiCaller):
def __init__(
self,
env={},
env=None,
lock=None,
apis=[],
logger: Logger = setup_logger("Scheduler", getenv("LOG_LEVEL", "INFO")),
@ -32,7 +32,7 @@ class JobScheduler(ApiCaller):
self.__logger = logger
self.__integration = integration
self.__db = Database(self.__logger)
self.__env = env
self.__env = env or {}
self.__env.update(environ)
self.__jobs = self.__get_jobs()
self.__lock = lock
@ -83,7 +83,7 @@ class JobScheduler(ApiCaller):
)
reload = proc.returncode == 0
if reload:
self.__logger.info("Successfuly reloaded nginx")
self.__logger.info("Successfully reloaded nginx")
else:
self.__logger.error(
f"Error while reloading nginx - returncode: {proc.returncode} - error: {proc.stderr.decode('utf-8')}",
@ -92,7 +92,7 @@ class JobScheduler(ApiCaller):
self.__logger.info("Reloading nginx ...")
reload = self._send_to_apis("POST", "/reload")
if reload:
self.__logger.info("Successfuly reloaded nginx")
self.__logger.info("Successfully reloaded nginx")
else:
self.__logger.error("Error while reloading nginx")
return reload
@ -124,11 +124,11 @@ class JobScheduler(ApiCaller):
if not err:
self.__logger.info(
f"Successfuly executed job {name} from plugin {plugin} and updated database",
f"Successfully updated database for the job {name} from plugin {plugin}",
)
else:
self.__logger.warning(
f"Successfuly executed job {name} from plugin {plugin} but failed to update database: {err}",
f"Failed to update database for the job {name} from plugin {plugin}: {err}",
)
return success
@ -170,7 +170,7 @@ class JobScheduler(ApiCaller):
success = False
self.__logger.error("Error while sending /data/cache folder")
else:
self.__logger.info("Successfuly sent /data/cache folder")
self.__logger.info("Successfully sent /data/cache folder")
if not self.__reload():
success = False
except:

31
src/scheduler/main.py
View File

@ -269,27 +269,28 @@ if __name__ == "__main__":
# run the generator
cmd = f"python /usr/share/bunkerweb/gen/main.py --settings /usr/share/bunkerweb/settings.json --templates /usr/share/bunkerweb/confs --output /etc/nginx{f' --variables {args.variables}' if args.variables else ''}"
proc = subprocess_run(cmd.split(" "), stdin=DEVNULL, stderr=STDOUT)
if proc.returncode != 0:
logger.error(
"Config generator failed, configuration will not work as expected...",
)
else:
# Fix permissions for the nginx folder
for root, dirs, files in walk("/etc/nginx", topdown=False):
for name in files + dirs:
chown(join(root, name), "scheduler", "scheduler")
chmod(join(root, name), 0o770)
# Fix permissions for the nginx folder
for root, dirs, files in walk("/etc/nginx", topdown=False):
for name in files + dirs:
chown(join(root, name), "scheduler", "scheduler")
chmod(join(root, name), 0o770)
copy("/etc/nginx/variables.env", "/var/tmp/bunkerweb/variables.env")
copy("/etc/nginx/variables.env", "/var/tmp/bunkerweb/variables.env")
if len(api_caller._get_apis()) > 0:
# send nginx configs
logger.info("Sending /etc/nginx folder ...")
ret = api_caller._send_files("/etc/nginx", "/confs")
if not ret:
logger.error(
"Sending nginx configs failed, configuration will not work as expected...",
)
if len(api_caller._get_apis()) > 0:
# send nginx configs
logger.info("Sending /etc/nginx folder ...")
ret = api_caller._send_files("/etc/nginx", "/confs")
if not ret:
logger.error(
"Sending nginx configs failed, configuration will not work as expected...",
)
# Fix permissions for the cache and the custom configs folders
for root, dirs, files in imerge(

21
src/ui/Dockerfile
View File

@ -16,16 +16,17 @@ COPY src/ui/requirements.txt /tmp/req/requirements.txt
COPY src/common/gen/requirements.txt /tmp/req/requirements.txt.1
COPY src/common/db/requirements.txt /tmp/req/requirements.txt.2
RUN mkdir -p /usr/share/bunkerweb/ui/deps && \
cat /tmp/req/requirements.txt /tmp/req/requirements.txt.1 /tmp/req/requirements.txt.2 > /usr/share/bunkerweb/ui/deps/requirements.txt && \
RUN mkdir -p /usr/share/bunkerweb/deps && \
cat /tmp/req/requirements.txt /tmp/req/requirements.txt.1 /tmp/req/requirements.txt.2 > /usr/share/bunkerweb/deps/requirements.txt && \
rm -rf /tmp/req
# Install python requirements
RUN pip install --no-cache-dir --upgrade pip && \
RUN apk add --no-cache --virtual .build-deps g++ gcc && \
pip install --no-cache-dir --upgrade pip && \
pip install wheel && \
mkdir -p /usr/share/bunkerweb/ui/deps/python && \
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/ui/deps/python -r /usr/share/bunkerweb/ui/deps/requirements.txt && \
pip install --no-cache-dir gunicorn
mkdir -p /usr/share/bunkerweb/deps/python && \
pip install --no-cache-dir --require-hashes --target /usr/share/bunkerweb/deps/python -r /usr/share/bunkerweb/deps/requirements.txt && \
apk del .build-deps
COPY src/ui /usr/share/bunkerweb/ui
@ -44,12 +45,12 @@ RUN apk add --no-cache bash file && \
for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type f -exec chmod 0740 {} \; ; done && \
for dir in $(echo "/usr/share/bunkerweb /etc/bunkerweb") ; do find ${dir} -type d -exec chmod 0750 {} \; ; done && \
chmod 770 /var/cache/bunkerweb /var/tmp/bunkerweb && \
chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/ui/deps/python/bin/*
chmod 750 /usr/share/bunkerweb/gen/main.py /usr/share/bunkerweb/deps/python/bin/*
# Fix CVEs
RUN apk add "libssl1.1>=1.1.1q-r0" "libcrypto1.1>=1.1.1q-r0" "git>=2.32.3-r0" "ncurses-libs>=6.2_p20210612-r1" "ncurses-terminfo-base>=6.2_p20210612-r1" "libtirpc>=1.3.2-r1" "libtirpc-conf>=1.3.2-r1" "zlib>=1.2.12-r2" "libxml2>=2.9.14-r1"
VOLUME /data
VOLUME /data /etc/nginx
EXPOSE 7000
@ -57,5 +58,5 @@ WORKDIR /usr/share/bunkerweb/ui
USER ui:ui
ENV PYTHONPATH /usr/share/bunkerweb/ui/deps/python
CMD ["python3", "-m", "gunicorn", "--bind=0.0.0.0:7000", "--workers=1", "--threads=2", "--user", "ui", "--group", "ui", "main:app"]
ENV PYTHONPATH /usr/share/bunkerweb/deps/python
CMD ["python3", "-m", "gunicorn", "--bind=0.0.0.0:7000", "--workers=1", "--threads=2", "--user", "ui", "--group", "ui", "main:app"]

2
src/ui/main.py
View File

@ -1,7 +1,7 @@
from subprocess import DEVNULL, STDOUT, run
from sys import path as sys_path, exit as sys_exit, modules as sys_modules
sys_path.append("/usr/share/bunkerweb/ui/deps/python")
sys_path.append("/usr/share/bunkerweb/deps/python")
from bs4 import BeautifulSoup
from copy import deepcopy

1
src/ui/requirements.in
View File

@ -5,3 +5,4 @@ beautifulsoup4==4.11.1
python_dateutil==2.8.2
python-magic==0.4.27
bcrypt==4.0.1
gunicorn==20.1.0

10
src/ui/requirements.txt
View File

@ -50,6 +50,10 @@ flask-wtf==1.0.1 \
--hash=sha256:34fe5c6fee0f69b50e30f81a3b7ea16aa1492a771fe9ad0974d164610c09a6c9 \
--hash=sha256:9d733658c80be551ce7d5bc13c7a7ac0d80df509be1e23827c847d9520f4359a
# via -r requirements.in
gunicorn==20.1.0 \
--hash=sha256:9dcc4547dbb1cb284accfb15ab5667a0e5d1881cc443e0677b4882a4067a807e \
--hash=sha256:e0a968b5ba15f8a328fdfd7ab1fcb5af4470c28aaf7e55df02a99bc13138e6e8
# via -r requirements.in
itsdangerous==2.1.2 \
--hash=sha256:2c2349112351b88699d8d4b6b075022c0808887cb7ad10069318a8b0bc88db44 \
--hash=sha256:5dbbc68b317e5e42f327f9021763545dc3fc3bfe22e6deb96aaf1fc38874156a
@ -131,3 +135,9 @@ wtforms==3.0.1 \
--hash=sha256:6b351bbb12dd58af57ffef05bc78425d08d1914e0fd68ee14143b7ade023c5bc \
--hash=sha256:837f2f0e0ca79481b92884962b914eba4e72b7a2daaf1f939c890ed0124b834b
# via flask-wtf
# The following packages are considered to be unsafe in a requirements file:
setuptools==65.5.1 \
--hash=sha256:d0b9a8433464d5800cbe05094acf5c6d52a91bfac9b52bcfc4d41382be5d5d31 \
--hash=sha256:e197a19aa8ec9722928f2206f8de752def0e4c9fc6953527360d1c36d94ddb2f
# via gunicorn