web UI example and CVE-2020-8231 fix again

2020-12-11 11:44:45 +01:00 · 2020-12-11 11:44:45 +01:00 · 7b55acbe8b
commit 7b55acbe8b
parent 559b7835d4
6 changed files with 44 additions and 5 deletions
--- a/2
+++ b/2
@ -32,7 +32,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
    chmod 750 /acme-challenge
 # Fix CVE-2020-28928 & CVE-2020-8231
-RUN apk --no-cache add "musl-utils>1.1.24-r2" "libcurl>7.67.0-r1"
+RUN apk --no-cache add "musl-utils>1.1.24-r2" "curl>7.67.0-r1"
 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache
--- a/2
+++ b/2
@ -32,7 +32,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
    chmod 750 /acme-challenge
 # Fix CVE-2020-28928 & CVE-2020-8231
-RUN apk --no-cache add "musl-utils>1.1.24-r2" "libcurl>7.67.0-r1"
+RUN apk --no-cache add "musl-utils>1.1.24-r2" "curl>7.67.0-r1"
 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache
--- a/2
+++ b/2
@ -39,7 +39,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
    chmod 750 /acme-challenge
 # Fix CVE-2020-28928 & CVE-2020-8231
-RUN apk --no-cache add "musl-utils>1.1.24-r2" "libcurl>7.67.0-r1"
+RUN apk --no-cache add "musl-utils>1.1.24-r2" "curl>7.67.0-r1"
 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache
--- a/2
+++ b/2
@ -39,7 +39,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
    chmod 750 /acme-challenge
 # Fix CVE-2020-28928 & CVE-2020-8231
-RUN apk --no-cache add "musl-utils>1.1.24-r2" "libcurl>7.67.0-r1"
+RUN apk --no-cache add "musl-utils>1.1.24-r2" "curl>7.67.0-r1"
 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache
--- a/2
+++ b/2
@ -32,7 +32,7 @@ RUN apk --no-cache add certbot libstdc++ libmaxminddb geoip pcre yajl fail2ban c
    chmod 750 /acme-challenge
 # Fix CVE-2020-28928 & CVE-2020-8231
-RUN apk --no-cache add "musl-utils>1.1.24-r2" "libcurl>7.67.0-r1"
+RUN apk --no-cache add "musl-utils>1.1.24-r2" "curl>7.67.0-r1"
 VOLUME /www /http-confs /server-confs /modsec-confs /modsec-crs-confs /cache
--- a/examples/web-ui/docker-compose.yml
+++ b/examples/web-ui/docker-compose.yml
@ -0,0 +1,39 @@
 version: '3'
 services:
  mywww:
    image: bunkerity/bunkerized-nginx
    restart: always
    ports:
      - 80:8080
      - 443:8443
    volumes:
      - ./letsencrypt:/etc/letsencrypt
      - ./web-files:/www:ro
      - autoconf:/etc/nginx
    environment:
      - SERVER_NAME=admin.domain.com                          # replace with your domain
      - MULTISITE=yes
      - AUTO_LETS_ENCRYPT=yes
      - REDIRECT_HTTP_TO_HTTPS=yes
      - DISABLE_DEFAULT_SERVER=yes
      - USE_CLIENT_CACHE=yes
      - USE_GZIP=yes
      - USE_BROTLI=yes
      - admin.domain.com_SERVE_FILES=no
      - admin.domain.com_USE_AUTH_BASIC=yes
      - admin.domain.com_AUTH_BASIC_USER=admin                # change it to something hard to guess
      - admin.domain.com_AUTH_BASIC_PASSWORD=admin            # change it to something hard to guess
      - admin.domain.com_USE_REVERSE_PROXY=yes
      - admin.domain.com_REVERSE_PROXY_URL=/admin/            # change it to something hard to guess
      - admin.domain.com_REVERSE_PROXY_HOST=http://myui:5000/  
    labels:
      - "bunkerized-nginx.UI"
  myui:
    image: bunkerity/bunkerized-nginx-ui
    restart: always
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - autoconf:/etc/nginx