librewolf/bunkerized-nginx
4
0
Fork 1
mirror of https://github.com/bunkerity/bunkerized-nginx synced 2023-12-13 21:30:18 +01:00
Code Issues Projects Releases Wiki Activity
bunkerized-nginx/tests/core/misc/test.sh

296 lines
13 KiB
Bash
Executable file
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
integration=$1
if [ -z "$integration" ] ; then
echo "🗃️ Please provide an integration name as argument ❌"
exit 1
elif [ "$integration" != "docker" ] && [ "$integration" != "linux" ] ; then
echo "🗃️ Integration \"$integration\" is not supported ❌"
exit 1
fi
echo "🗃️ Building misc stack for integration \"$integration\" ..."
# Starting stack
if [ "$integration" == "docker" ] ; then
docker compose pull bw-docker
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Pull failed ❌"
exit 1
fi
docker compose -f docker-compose.test.yml build
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Build failed ❌"
exit 1
fi
else
sudo systemctl stop bunkerweb
echo "GENERATE_SELF_SIGNED_SSL=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "USE_MODSECURITY=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "DISABLE_DEFAULT_SERVER=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "REDIRECT_HTTP_TO_HTTPS=no" | sudo tee -a /etc/bunkerweb/variables.env
echo "AUTO_REDIRECT_HTTP_TO_HTTPS=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "ALLOWED_METHODS=GET|POST|HEAD" | sudo tee -a /etc/bunkerweb/variables.env
echo "MAX_CLIENT_SIZE=5m" | sudo tee -a /etc/bunkerweb/variables.env
echo "SERVE_FILES=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "SSL_PROTOCOLS=TLSv1.2 TLSv1.3" | sudo tee -a /etc/bunkerweb/variables.env
echo "HTTP2=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "LISTEN_HTTP=yes" | sudo tee -a /etc/bunkerweb/variables.env
echo "DENY_HTTP_STATUS=403" | sudo tee -a /etc/bunkerweb/variables.env
sudo touch /var/www/html/index.html
export TEST_TYPE="linux"
sudo cp ready.conf /etc/bunkerweb/server-http
fi
manual=0
end=0
cleanup_stack () {
exit_code=$?
if [[ $end -eq 1 || $exit_code = 1 ]] || [[ $end -eq 0 && $exit_code = 0 ]] && [ $manual = 0 ] ; then
if [ "$integration" == "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "yes"@GENERATE_SELF_SIGNED_SSL: "no"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "GET|POST|HEAD"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "10m"@MAX_CLIENT_SIZE: "5m"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "no"@SERVE_FILES: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2"@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "no"@HTTP2: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "no"@LISTEN_HTTP: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "444"@DENY_HTTP_STATUS: "403"@' {} \;
else
sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=no@' /etc/bunkerweb/variables.env
sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=no@' /etc/bunkerweb/variables.env
sudo sed -i 's@ALLOWED_METHODS=.*$@ALLOWED_METHODS=GET|POST|HEAD@' /etc/bunkerweb/variables.env
sudo sed -i 's@MAX_CLIENT_SIZE=.*$@MAX_CLIENT_SIZE=5m@' /etc/bunkerweb/variables.env
sudo sed -i 's@SERVE_FILES=.*$@SERVE_FILES=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@SSL_PROTOCOLS=.*$@SSL_PROTOCOLS=TLSv1.2 TLSv1.3@' /etc/bunkerweb/variables.env
sudo sed -i 's@HTTP2=.*$@HTTP2=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@LISTEN_HTTP=.*$@LISTEN_HTTP=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@DENY_HTTP_STATUS=.*$@DENY_HTTP_STATUS=403@' /etc/bunkerweb/variables.env
unset GENERATE_SELF_SIGNED_SSL
unset DISABLE_DEFAULT_SERVER
unset ALLOWED_METHODS
unset MAX_CLIENT_SIZE
unset SERVE_FILES
unset SSL_PROTOCOLS
unset HTTP2
unset LISTEN_HTTP
unset DENY_HTTP_STATUS
fi
if [[ $end -eq 1 && $exit_code = 0 ]] ; then
return
fi
fi
echo "🗃️ Cleaning up current stack ..."
if [ "$integration" == "docker" ] ; then
docker compose down -v --remove-orphans
else
sudo systemctl stop bunkerweb
sudo truncate -s 0 /var/log/bunkerweb/error.log
fi
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Cleanup failed ❌"
exit 1
fi
echo "🗃️ Cleaning up current stack done ✅"
}
# Cleanup stack on exit
trap cleanup_stack EXIT
for test in "default" "ssl_generated" "tweaked" "deny_status_444" "TLSv1.2"
do
if [ "$test" = "default" ] ; then
echo "🗃️ Running tests when misc settings have default values except MAX_CLIENT_SIZE which have the value \"5m\" ..."
elif [ "$test" = "ssl_generated" ] ; then
echo "🗃️ Running tests when misc settings have default values and the ssl is generated in self signed ..."
if [ "$integration" == "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@GENERATE_SELF_SIGNED_SSL: "no"@GENERATE_SELF_SIGNED_SSL: "yes"@' {} \;
else
sudo sed -i 's@GENERATE_SELF_SIGNED_SSL=.*$@GENERATE_SELF_SIGNED_SSL=yes@' /etc/bunkerweb/variables.env
export GENERATE_SELF_SIGNED_SSL="yes"
fi
elif [ "$test" = "tweaked" ] ; then
echo "🗃️ Running tests when misc settings have tweaked values ..."
echo " Keeping the ssl generated in self signed ..."
if [ "$integration" == "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "no"@DISABLE_DEFAULT_SERVER: "yes"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@ALLOWED_METHODS: ".*"$@ALLOWED_METHODS: "POST|HEAD"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@MAX_CLIENT_SIZE: "5m"@MAX_CLIENT_SIZE: "10m"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@SERVE_FILES: "yes"@SERVE_FILES: "no"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@HTTP2: "yes"@HTTP2: "no"@' {} \;
else
sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=yes@' /etc/bunkerweb/variables.env
sudo sed -i 's@ALLOWED_METHODS=.*$@ALLOWED_METHODS=POST|HEAD@' /etc/bunkerweb/variables.env
sudo sed -i 's@MAX_CLIENT_SIZE=.*$@MAX_CLIENT_SIZE=10m@' /etc/bunkerweb/variables.env
sudo sed -i 's@SERVE_FILES=.*$@SERVE_FILES=no@' /etc/bunkerweb/variables.env
sudo sed -i 's@HTTP2=.*$@HTTP2=no@' /etc/bunkerweb/variables.env
export DISABLE_DEFAULT_SERVER="yes"
export ALLOWED_METHODS="POST|HEAD"
export MAX_CLIENT_SIZE="10m"
export SERVE_FILES="no"
export HTTP2="no"
fi
elif [ "$test" = "deny_status_444" ] ; then
echo "🗃️ Running tests when the server's deny status is set to 444 ..."
echo " Keeping the ssl generated in self signed ..."
if [ "$integration" == "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@DENY_HTTP_STATUS: "403"@DENY_HTTP_STATUS: "444"@' {} \;
else
sudo sed -i 's@DENY_HTTP_STATUS=.*$@DENY_HTTP_STATUS=444@' /etc/bunkerweb/variables.env
export DENY_HTTP_STATUS="444"
fi
elif [ "$test" = "TLSv1.2" ] ; then
echo "🗃️ Running tests with only TLSv1.2 enabled and when the server is not listening on http ..."
echo " Keeping the ssl generated in self signed ..."
if [ "$integration" == "docker" ] ; then
find . -type f -name 'docker-compose.*' -exec sed -i 's@DISABLE_DEFAULT_SERVER: "yes"@DISABLE_DEFAULT_SERVER: "no"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@SSL_PROTOCOLS: "TLSv1.2 TLSv1.3"@SSL_PROTOCOLS: "TLSv1.2"@' {} \;
find . -type f -name 'docker-compose.*' -exec sed -i 's@LISTEN_HTTP: "yes"@LISTEN_HTTP: "no"@' {} \;
else
sudo sed -i 's@DISABLE_DEFAULT_SERVER=.*$@DISABLE_DEFAULT_SERVER=no@' /etc/bunkerweb/variables.env
sudo sed -i 's@SSL_PROTOCOLS=.*$@SSL_PROTOCOLS=TLSv1.2@' /etc/bunkerweb/variables.env
sudo sed -i 's@LISTEN_HTTP=.*$@LISTEN_HTTP=no@' /etc/bunkerweb/variables.env
export DISABLE_DEFAULT_SERVER="no"
export SSL_PROTOCOLS="TLSv1.2"
export LISTEN_HTTP="no"
fi
fi
echo "🗃️ Starting stack ..."
if [ "$integration" == "docker" ] ; then
docker compose up -d
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Up failed, retrying ... ⚠️"
manual=1
cleanup_stack
manual=0
docker compose up -d
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Up failed ❌"
exit 1
fi
fi
else
sudo systemctl start bunkerweb
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Start failed ❌"
exit 1
fi
fi
# Check if stack is healthy
echo "🗃️ Waiting for stack to be healthy ..."
i=0
if [ "$integration" == "docker" ] ; then
while [ $i -lt 120 ] ; do
containers=("misc-bw-1" "misc-bw-scheduler-1")
healthy="true"
for container in "${containers[@]}" ; do
check="$(docker inspect --format "{{json .State.Health }}" "$container" | grep "healthy")"
if [ "$check" = "" ] ; then
healthy="false"
break
fi
done
if [ "$healthy" = "true" ] ; then
echo "🗃️ Docker stack is healthy ✅"
break
fi
sleep 1
i=$((i+1))
done
if [ $i -ge 120 ] ; then
docker compose logs
echo "🗃️ Docker stack is not healthy ❌"
exit 1
fi
else
healthy="false"
retries=0
while [[ $healthy = "false" && $retries -lt 5 ]] ; do
while [ $i -lt 120 ] ; do
if sudo grep -q "BunkerWeb is ready" "/var/log/bunkerweb/error.log" ; then
echo "🗃️ Linux stack is healthy ✅"
break
fi
sleep 1
i=$((i+1))
done
if [ $i -ge 120 ] ; then
sudo journalctl -u bunkerweb --no-pager
echo "🛡️ Showing BunkerWeb error logs ..."
sudo cat /var/log/bunkerweb/error.log
echo "🛡️ Showing BunkerWeb access logs ..."
sudo cat /var/log/bunkerweb/access.log
echo "🗃️ Linux stack is not healthy ❌"
exit 1
fi
if sudo journalctl -u bunkerweb --no-pager | grep -q "SYSTEMCTL - ❌ " ; then
echo "🗃️ ⚠ Linux stack got an issue, restarting ..."
sudo journalctl --rotate
sudo journalctl --vacuum-time=1s
manual=1
cleanup_stack
manual=0
sudo systemctl start bunkerweb
retries=$((retries+1))
else
healthy="true"
fi
done
if [ "$retries" -ge 5 ] ; then
echo "🗃️ Linux stack could not be healthy ❌"
exit 1
fi
fi
# Start tests
if [ "$integration" == "docker" ] ; then
docker compose -f docker-compose.test.yml up --abort-on-container-exit --exit-code-from tests
else
python3 main.py
fi
# shellcheck disable=SC2181
if [ $? -ne 0 ] ; then
echo "🗃️ Test \"$test\" failed ❌"
echo "🛡️ Showing BunkerWeb and BunkerWeb Scheduler logs ..."
if [ "$integration" == "docker" ] ; then
docker compose logs bw bw-scheduler
else
sudo journalctl -u bunkerweb --no-pager
echo "🛡️ Showing BunkerWeb error logs ..."
sudo cat /var/log/bunkerweb/error.log
echo "🛡️ Showing BunkerWeb access logs ..."
sudo cat /var/log/bunkerweb/access.log
fi
exit 1
else
echo "🗃️ Test \"$test\" succeeded ✅"
fi
manual=1
cleanup_stack
manual=0
echo " "
done
end=1
echo "🗃️ Tests are done ! ✅"
Reference in a new issue View git blame Copy permalink