From fa628cb7d64143ce5f3fa80954fa19f99d5f7124 Mon Sep 17 00:00:00 2001
From: florian <fpitance@bunkerity.com>
Date: Mon, 30 Oct 2023 13:27:28 +0100
Subject: [PATCH] linux - add default API_LISTEN_IP

---
 .github/workflows/test-core-linux.yml       | 1 +
 .github/workflows/tests-ui-linux.yml        | 1 +
 docs/quickstart-guide.md                    | 9 +++++++++
 docs/web-ui.md                              | 4 +++-
 examples/authelia/variables.env             | 1 +
 examples/behind-reverse-proxy/variables.env | 1 +
 examples/cors/variables.env                 | 1 +
 examples/drupal/variables.env               | 1 +
 examples/joomla/variables.env               | 1 +
 examples/moodle/variables.env               | 1 +
 examples/nextcloud/variables.env            | 1 +
 examples/php-cookie-flags/variables.env     | 1 +
 examples/php-multisite/variables.env        | 1 +
 examples/php-singlesite/variables.env       | 1 +
 examples/proxy-protocol/variables.env       | 1 +
 examples/wordpress/variables.env            | 1 +
 src/common/confs/api.conf                   | 4 ++--
 17 files changed, 28 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/test-core-linux.yml b/.github/workflows/test-core-linux.yml
index 6057bcc6..aede07ee 100644
--- a/.github/workflows/test-core-linux.yml
+++ b/.github/workflows/test-core-linux.yml
@@ -81,6 +81,7 @@ jobs:
           echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
           echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
           echo 'DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4' | sudo tee -a /etc/bunkerweb/variables.env
+          echo 'API_LISTEN_IP=127.0.0.1' | sudo tee -a /etc/bunkerweb/variables.env
           echo "USE_BUNKERNET=no" | sudo tee -a /etc/bunkerweb/variables.env
           echo "USE_BLACKLIST=no" | sudo tee -a /etc/bunkerweb/variables.env
           echo "LOG_LEVEL=info" | sudo tee -a /etc/bunkerweb/variables.env
diff --git a/.github/workflows/tests-ui-linux.yml b/.github/workflows/tests-ui-linux.yml
index 67306c7c..3dfb42d6 100644
--- a/.github/workflows/tests-ui-linux.yml
+++ b/.github/workflows/tests-ui-linux.yml
@@ -75,6 +75,7 @@ jobs:
           echo "HTTP_PORT=80" | sudo tee -a /etc/bunkerweb/variables.env
           echo "HTTPS_PORT=443" | sudo tee -a /etc/bunkerweb/variables.env
           echo 'DNS_RESOLVERS=9.9.9.9 8.8.8.8 8.8.4.4' | sudo tee -a /etc/bunkerweb/variables.env
+          echo 'API_LISTEN_IP=127.0.0.1' | sudo tee -a /etc/bunkerweb/variables.env
           echo "MULTISITE=yes" | sudo tee -a /etc/bunkerweb/variables.env
           echo "LOG_LEVEL=info" | sudo tee -a /etc/bunkerweb/variables.env
           echo "USE_BUNKERNET=no" | sudo tee -a /etc/bunkerweb/variables.env
diff --git a/docs/quickstart-guide.md b/docs/quickstart-guide.md
index 06b0695d..5fe1d95c 100644
--- a/docs/quickstart-guide.md
+++ b/docs/quickstart-guide.md
@@ -228,6 +228,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     SERVER_NAME=www.example.com
     USE_REVERSE_PROXY=yes
     REVERSE_PROXY_URL=/
@@ -268,6 +269,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     SERVER_NAME=www.example.com
     USE_REVERSE_PROXY=yes
     REVERSE_PROXY_URL=/
@@ -323,6 +325,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     USE_REVERSE_PROXY=yes
     REVERSE_PROXY_URL=/
     REVERSE_PROXY_HOST=http://127.0.0.1:8000
@@ -658,6 +661,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     USE_REVERSE_PROXY=yes
@@ -701,6 +705,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     USE_REVERSE_PROXY=yes
@@ -756,6 +761,7 @@ You will find more settings about reverse proxy in the [settings section](settin
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     USE_REVERSE_PROXY=yes
@@ -2199,6 +2205,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock
@@ -2240,6 +2247,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock
@@ -2289,6 +2297,7 @@ BunkerWeb supports PHP using external or remote [PHP-FPM](https://www.php.net/ma
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     MULTISITE=yes
     SERVER_NAME=app1.example.com app2.example.com app3.example.com
     app1.example.com_LOCAL_PHP=/run/php/php-fpm.sock
diff --git a/docs/web-ui.md b/docs/web-ui.md
index c3693e1f..22d80120 100644
--- a/docs/web-ui.md
+++ b/docs/web-ui.md
@@ -823,10 +823,10 @@ Because the web UI is a web application, the recommended installation procedure
     Here is the `/etc/bunkerweb/variables.env` boilerplate you can use :
 
     ```conf
-    API_LISTEN_IP=127.0.0.1
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     SERVER_NAME=www.example.com
     MULTISITE=yes
     www.example.com_USE_UI=yes
@@ -859,6 +859,7 @@ Because the web UI is a web application, the recommended installation procedure
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     SERVER_NAME=www.example.com
     MULTISITE=yes
     www.example.com_USE_UI=yes
@@ -932,6 +933,7 @@ Because the web UI is a web application, the recommended installation procedure
     HTTP_PORT=80
     HTTPS_PORT=443
     DNS_RESOLVERS=8.8.8.8 8.8.4.4
+    API_LISTEN_IP=127.0.0.1
     SERVER_NAME=www.example.com
     MULTISITE=yes
     www.example.com_USE_UI=yes
diff --git a/examples/authelia/variables.env b/examples/authelia/variables.env
index 04c39eb9..e2d99cfa 100644
--- a/examples/authelia/variables.env
+++ b/examples/authelia/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 MULTISITE=yes
 # Replace with your domains
 SERVER_NAME=auth.example.com app1.example.com app2.example.com
diff --git a/examples/behind-reverse-proxy/variables.env b/examples/behind-reverse-proxy/variables.env
index a7ae9b03..a5739756 100644
--- a/examples/behind-reverse-proxy/variables.env
+++ b/examples/behind-reverse-proxy/variables.env
@@ -1,4 +1,5 @@
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # replace with your domains
 SERVER_NAME=www.example.com
 # real IP settings
diff --git a/examples/cors/variables.env b/examples/cors/variables.env
index db25d7dc..727676fc 100644
--- a/examples/cors/variables.env
+++ b/examples/cors/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 MULTISITE=yes
 # Replace with your domains
 SERVER_NAME=app1.example.com app2.example.com app3.example.com
diff --git a/examples/drupal/variables.env b/examples/drupal/variables.env
index e2ad8014..cd89e898 100644
--- a/examples/drupal/variables.env
+++ b/examples/drupal/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/joomla/variables.env b/examples/joomla/variables.env
index bad26da3..bc6fac93 100644
--- a/examples/joomla/variables.env
+++ b/examples/joomla/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/moodle/variables.env b/examples/moodle/variables.env
index 145418bc..dd3ee50d 100644
--- a/examples/moodle/variables.env
+++ b/examples/moodle/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/nextcloud/variables.env b/examples/nextcloud/variables.env
index 8a0f79b8..1614f461 100644
--- a/examples/nextcloud/variables.env
+++ b/examples/nextcloud/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/php-cookie-flags/variables.env b/examples/php-cookie-flags/variables.env
index 8b293306..daa34576 100644
--- a/examples/php-cookie-flags/variables.env
+++ b/examples/php-cookie-flags/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/php-multisite/variables.env b/examples/php-multisite/variables.env
index 424c318f..84787578 100644
--- a/examples/php-multisite/variables.env
+++ b/examples/php-multisite/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=app1.example.com app2.example.com
 MULTISITE=yes
diff --git a/examples/php-singlesite/variables.env b/examples/php-singlesite/variables.env
index 53d9f8ac..6adc19ed 100644
--- a/examples/php-singlesite/variables.env
+++ b/examples/php-singlesite/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/examples/proxy-protocol/variables.env b/examples/proxy-protocol/variables.env
index fb0bd805..3cfa19c2 100644
--- a/examples/proxy-protocol/variables.env
+++ b/examples/proxy-protocol/variables.env
@@ -1,4 +1,5 @@
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # replace with your domains
 SERVER_NAME=www.example.com
 # real IP settings
diff --git a/examples/wordpress/variables.env b/examples/wordpress/variables.env
index ebfc913e..6fd16b61 100644
--- a/examples/wordpress/variables.env
+++ b/examples/wordpress/variables.env
@@ -1,6 +1,7 @@
 HTTP_PORT=80
 HTTPS_PORT=443
 DNS_RESOLVERS=8.8.8.8 8.8.4.4
+API_LISTEN_IP=127.0.0.1
 # Replace with your domain
 SERVER_NAME=www.example.com
 DISABLE_DEFAULT_SERVER=yes
diff --git a/src/common/confs/api.conf b/src/common/confs/api.conf
index bb7a8a88..80b60a0e 100644
--- a/src/common/confs/api.conf
+++ b/src/common/confs/api.conf
@@ -2,9 +2,9 @@ server {
 	server_name {{ API_SERVER_NAME }};
 
 	# HTTP listen
-	listen {{ API_LISTEN_IP }}:{{ API_HTTP_PORT }};
+	listen {{ API_LISTEN_IP }}:{{ API_HTTP_PORT }} reuseport;
 {% if API_LISTEN_IP != "127.0.0.1" +%}
-	listen 127.0.0.1:{{ API_HTTP_PORT }};
+	listen 127.0.0.1:{{ API_HTTP_PORT }} reuseport;
 {% endif %}
 
 	# maximum body size for API