Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

introducing SWARM_MODE env var

Browse Source
This commit is contained in:
bunkerity 2021-03-12 12:40:52 +01:00
parent 7756c2df3c
commit 816fa47cbb
6 changed files with 53 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
confs/global/api.conf
View File

@ -1,3 +1,5 @@
set api_uri "%API_URI%";
rewrite_by_lua_block { rewrite_by_lua_block {
local api = require "api" local api = require "api"

1
entrypoint/defaults.sh
View File

@ -128,3 +128,4 @@ ANTIBOT_SESSION_SECRET="${ANTIBOT_SESSION_SECRET-random}"
USE_CROWDSEC="${USE_CROWDSEC-no}" USE_CROWDSEC="${USE_CROWDSEC-no}"
USE_API="${USE_API-no}" USE_API="${USE_API-no}"
API_URI="${API_URI-random}" API_URI="${API_URI-random}"
SWARM_MODE="${SWARM_MODE-no}"

48
entrypoint/entrypoint.sh
View File

@ -31,7 +31,7 @@ trap "trap_exit" TERM INT QUIT
# trap SIGHUP # trap SIGHUP
function trap_reload() { function trap_reload() {
echo "[*] Catched reload operation" echo "[*] Catched reload operation"
if [ "$MULTISITE" = "yes" ] ; then if [ "$MULTISITE" = "yes" ] && [ "$SWARM_MODE" != "yes" ] ; then
/opt/entrypoint/multisite-config.sh /opt/entrypoint/multisite-config.sh
fi fi
if [ -f /tmp/nginx.pid ] ; then if [ -f /tmp/nginx.pid ] ; then
@ -50,17 +50,28 @@ trap "trap_reload" HUP
# do the configuration magic if needed # do the configuration magic if needed
if [ ! -f "/opt/installed" ] ; then if [ ! -f "/opt/installed" ] ; then
echo "[*] Configuring bunkerized-nginx ..." echo "[*] Configuring bunkerized-nginx ..."
/opt/entrypoint/global-config.sh
if [ "$MULTISITE" = "yes" ] ; then # logs config
for server in $SERVER_NAME ; do /opt/entrypoint/logs.sh
/opt/entrypoint/site-config.sh "$server"
echo "[*] Multi site - $server configuration done" # only do config if we are not in swarm mode
done if [ "$SWARM_MODE" = "no" ] ; then
/opt/entrypoint/multisite-config.sh # global config
else /opt/entrypoint/global-config.sh
/opt/entrypoint/site-config.sh # multisite configs
echo "[*] Single site - $SERVER_NAME configuration done" if [ "$MULTISITE" = "yes" ] ; then
for server in $SERVER_NAME ; do
/opt/entrypoint/site-config.sh "$server"
echo "[*] Multi site - $server configuration done"
done
/opt/entrypoint/multisite-config.sh
# singlesite config
else
/opt/entrypoint/site-config.sh
echo "[*] Single site - $SERVER_NAME configuration done"
fi
fi fi
touch /opt/installed touch /opt/installed
else else
@ -78,16 +89,23 @@ rsyslogd
# start crond # start crond
crond crond
# start nginx # wait until config has been generated if we are in swarm mode
if [ "$SWARM_MODE" != "yes" ] ; then
echo "[*] Waiting until config has been generated ..."
while [ ! -f "/etc/nginx/autoconf" ] ; do
sleep 1
done
fi
if [ -f "/tmp/nginx-temp.pid" ] ; then if [ -f "/tmp/nginx-temp.pid" ] ; then
nginx -c /etc/nginx/nginx-temp.conf -s quit nginx -c /etc/nginx/nginx-temp.conf -s quit
fi fi
echo "[*] Running nginx ..." echo "[*] Running nginx ..."
su -s "/usr/sbin/nginx" nginx su -s "/usr/sbin/nginx" nginx
if [ "$?" -eq 0 ] ; then if [ "$?" -eq 0 ] ; then
touch "/opt/running" echo "[*] nginx successfully started !"
else else
rm -f "/opt/running" 2> /dev/null echo "[!] nginx failed to start"
fi fi
# list of log files to display # list of log files to display
@ -114,7 +132,7 @@ fi
# display logs # display logs
tail -F $LOGS & tail -F $LOGS &
pid="$!" pid="$!"
while [ -f "/opt/running" ] ; do while [ -f "/tmp/nginx.pid" ] ; do
wait "$pid" wait "$pid"
done done

14
entrypoint/global-config.sh
View File

@ -7,8 +7,6 @@
. /opt/entrypoint/utils.sh . /opt/entrypoint/utils.sh
# copy stub confs # copy stub confs
cp /opt/logs/rsyslog.conf /etc/rsyslog.conf
cp /opt/logs/logrotate.conf /etc/logrotate.conf
cp -r /opt/lua/* /usr/local/lib/lua cp -r /opt/lua/* /usr/local/lib/lua
cp /opt/confs/global/* /etc/nginx/ cp /opt/confs/global/* /etc/nginx/
@ -310,17 +308,9 @@ if [ "$USE_API" = "yes" ] ; then
replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "include /etc/nginx/api.conf;" replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "include /etc/nginx/api.conf;"
if [ "$API_URI" = "random" ] ; then if [ "$API_URI" = "random" ] ; then
API_URI="/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)" API_URI="/$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
echo "[*] Generated API URI : $API_URI"
fi fi
replace_in_file "/usr/local/lib/lua/api.lua" "%API_URI%" "$API_URI" replace_in_file "/etc/nginx/api.conf" "%API_URI%" "$API_URI"
else else
replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" "" replace_in_file "/etc/nginx/nginx.conf" "%USE_API%" ""
fi fi
# create empty logs
touch /var/log/access.log
touch /var/log/error.log
# setup logrotate
replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MAXAGE%" "$LOGROTATE_MAXAGE"
replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MINSIZE%" "$LOGROTATE_MINSIZE"
echo "$LOGROTATE_CRON /opt/scripts/logrotate.sh > /dev/null 2>&1" >> /etc/crontabs/root

14
entrypoint/logs.sh Normal file
View File

@ -0,0 +1,14 @@
#!/bin/bash
cp /opt/logs/rsyslog.conf /etc/rsyslog.conf
cp /opt/logs/logrotate.conf /etc/logrotate.conf
# create empty logs
touch /var/log/access.log
touch /var/log/error.log
touch /var/log/jobs.log
# setup logrotate
replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MAXAGE%" "$LOGROTATE_MAXAGE"
replace_in_file "/etc/logrotate.conf" "%LOGROTATE_MINSIZE%" "$LOGROTATE_MINSIZE"
echo "$LOGROTATE_CRON /opt/scripts/logrotate.sh > /dev/null 2>&1" >> /etc/crontabs/root

2
lua/api.lua
View File

@ -1,5 +1,5 @@
local M = {} local M = {}
local api_uri = "%API_URI%" local api_uri = ngx.var.api_uri
local api_list = {} local api_list = {}
api_list["^/reload$"] = function () api_list["^/reload$"] = function ()