Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Deployed fd0c7b1 to 1.4 with MkDocs 1.2.3 and mike 1.1.2

Browse Source
This commit is contained in:
florian 2022-06-16 17:51:59 +01:00
parent 71cf3be5a0
commit b08323f39e
15 changed files with 1896 additions and 1726 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
1.4/404.html
View File

@ -610,7 +610,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "/1.4", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "/1.4/assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "/1.4", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "/1.4/assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="/1.4/assets/javascripts/bundle.467223ff.min.js"></script>

106
1.4/about/index.html
View File

@ -659,58 +659,58 @@ documentation for the current version.
</ul>
<h2 id="how-to-report-security-issue">How to report security issue ?</h2>
<p>Please contact us at <a href="mailto:security@bunkerity.com">security@bunkerity.com</a> using the following PGP key :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>-----BEGIN PGP PUBLIC KEY BLOCK-----
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a>
<a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a>mQINBGCEMiMBEACtXJBDbF86qjC/Q1cfmJfYcYrbk6eE5czknG294XObC97wAgDf
<a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a>/MbX6bnti4kDRpflGDqQtwOXudcEzledTD4bdDUKvZwqPoYQGa24uCuUxSINTLXr
<a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a>RuoMaKfpvs7trsFXp5iYUqf4Org2aaJE7Tk/9sOvxgdqsT22jEgCZXTRU1qG494U
<a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a>u6XRQN8hKlw6aa6njjX9vUk6Jpl46/kwwO9mpXBZX6iFKYnBlUWs2k8d6D6cO5aZ
<a id="__codelineno-0-7" name="__codelineno-0-7" href="#__codelineno-0-7"></a>KLoYyz5v3Gw2hHSqj4qbVQPTIT7qrrcfd8nblYK7Dh3IM+vQq7a7lB0AudIyBNPd
<a id="__codelineno-0-8" name="__codelineno-0-8" href="#__codelineno-0-8"></a>rsypi9ZYgwI3lv/rmQnDc32Ua5cLvTvgg/XoaNK9ogc3kei1+hXODEgRA/zvSKqq
<a id="__codelineno-0-9" name="__codelineno-0-9" href="#__codelineno-0-9"></a>20i/1Y0OnIGv89LOI6urWpOgDAhQUV5xvANll2lm3Bkmy29UOzNadUc/yImxrM06
<a id="__codelineno-0-10" name="__codelineno-0-10" href="#__codelineno-0-10"></a>HwX82ju6PFAqOaxMW6SEE71ylGOSlikAGNcmmc5Ihd1J/VRZA4PBiQ31gQxFRpUC
<a id="__codelineno-0-11" name="__codelineno-0-11" href="#__codelineno-0-11"></a>3NTw2QNAD1kjni5PuQD10Q1Ognvb6uJh/MtqsoX6r1t+Oly9MblFSuyqFkqNO3F0
<a id="__codelineno-0-12" name="__codelineno-0-12" href="#__codelineno-0-12"></a>QAJqprhJlQ3YOcJdJ1EZR7qs0xJm5h+lw0Z/UINqkwiZUW3PCO8BKxfq6sfdwM8L
<a id="__codelineno-0-13" name="__codelineno-0-13" href="#__codelineno-0-13"></a>5hPhyUzy2gIJ0J/4NGYEBH1ojoYODGU8OCSmyjSTY9SoVMeWDfqYP4ZTvQARAQAB
<a id="__codelineno-0-14" name="__codelineno-0-14" href="#__codelineno-0-14"></a>tCVidW5rZXJpdHktcGdwIDxjb250YWN0QGJ1bmtlcml0eS5jb20+iQJUBBMBCAA+
<a id="__codelineno-0-15" name="__codelineno-0-15" href="#__codelineno-0-15"></a>FiEEw78SjkcVxXCq7hStPYCAbxJgKnwFAmCEMiMCGwMFCQPCIP0FCwkIBwIGFQoJ
<a id="__codelineno-0-16" name="__codelineno-0-16" href="#__codelineno-0-16"></a>CAsCBBYCAwECHgECF4AACgkQPYCAbxJgKnzvYhAAnNqGB6ce2eZzwk1EiNlNaXaA
<a id="__codelineno-0-17" name="__codelineno-0-17" href="#__codelineno-0-17"></a>hFWLq/s/J1IOAP+0V5jKJxA6zTX01HyIfIIHQy6nrxxEXzYsIUHdJ+HBPCNswCqn
<a id="__codelineno-0-18" name="__codelineno-0-18" href="#__codelineno-0-18"></a>2d/aDkkfoEUc1bUD0c2bXfoSCsAeIoK+eOf6iSr4IENVoIUYFQTUKFNu+Y7eDL0I
<a id="__codelineno-0-19" name="__codelineno-0-19" href="#__codelineno-0-19"></a>J8Xadg53G+fkK9LE6TeYpBs3hDT4w7vlDfIwWa1NC9HoLzSmZ2fqZ7SnihLGsLmp
<a id="__codelineno-0-20" name="__codelineno-0-20" href="#__codelineno-0-20"></a>98VqDrDjhRPzrz5/tVYgvPCQQU5ED/TayCCYvrGpw9gP8qmEOabIUz0ppGwEfQVs
<a id="__codelineno-0-21" name="__codelineno-0-21" href="#__codelineno-0-21"></a>Wycilm1/Js/qjdbxUFMipBIzDu7bI3kMLmENhI+16Xtub9dUrvkW2SdDngYhtWj8
<a id="__codelineno-0-22" name="__codelineno-0-22" href="#__codelineno-0-22"></a>IzVOe6N/XDuiRGpaYFpEuXbrnDFexe1ygZwnVHt3fukPfa7W8mhMs2kY1ishIA0O
<a id="__codelineno-0-23" name="__codelineno-0-23" href="#__codelineno-0-23"></a>WElKO1Q6N0ZWEad0PwM8NCDjaDUNWQC36ZF/MS+ipHWx9joPUjImY2AXDjN+L+Si
<a id="__codelineno-0-24" name="__codelineno-0-24" href="#__codelineno-0-24"></a>ABQIe4Fo6Jx6S6Bi8YvPq8idYZvaWFJjBvmaPjxdUMPbIsMRiEjvlrhvqhLuVBpE
<a id="__codelineno-0-25" name="__codelineno-0-25" href="#__codelineno-0-25"></a>lGA+M4UJGw5yBl+yiiLDuws/Fppv9HwNqw6Uq1m1XaW859Om1GGBKYfphyn+fHjR
<a id="__codelineno-0-26" name="__codelineno-0-26" href="#__codelineno-0-26"></a>7ftOuT7Ss4zioXT4mscOZgkfzDAqgpZiHjYhe7tLUu7iD6UEsZmey/gRV0hCxng3
<a id="__codelineno-0-27" name="__codelineno-0-27" href="#__codelineno-0-27"></a>N7yaRrBu0+3sIQV4jYC5Ag0EYIQyIwEQALSurJGOx7At5mRFjvhXd4/JHuBZZOSI
<a id="__codelineno-0-28" name="__codelineno-0-28" href="#__codelineno-0-28"></a>M45LSJ+mKYnAGmwsL0AneZMIf6Yc0Vcn32oqlIXN5aB8jIt91pChLre8tl/lFZZP
<a id="__codelineno-0-29" name="__codelineno-0-29" href="#__codelineno-0-29"></a>xY3WIEBJhZF0FIUqSQLjg4HD0S70REii7Om1kgtZueid8V6T5F1JDcO2mDoh8oc9
<a id="__codelineno-0-30" name="__codelineno-0-30" href="#__codelineno-0-30"></a>h9nRQ1Ld6dblEuwBzbFkI1K6OUk1+ec7+mQc7orHdBVgelmqwG7fGZnPiN3XfklF
<a id="__codelineno-0-31" name="__codelineno-0-31" href="#__codelineno-0-31"></a>dnwSkFIX/qkAsKQmmx1VSzaGFoPLajf4wrkzZdA3iEafsHyvdEFlezZCZ7TsoHBh
<a id="__codelineno-0-32" name="__codelineno-0-32" href="#__codelineno-0-32"></a>tNg1Psg6MbBVgiMfHyRHSEBJZ7r5Awj2MpFUFMOd1IPcor1I254mx0VYfCvof4Km
<a id="__codelineno-0-33" name="__codelineno-0-33" href="#__codelineno-0-33"></a>Ri1F/86kHc23A77pd4HFYZWiZjaWhh12L+wz5fDL5/sSFXVGSCtSWIKx6FjysZ+v
<a id="__codelineno-0-34" name="__codelineno-0-34" href="#__codelineno-0-34"></a>szk3lItHoomZhA7M+FjU/cOjq9hae9uwZeU39DQk0/npln2RcHitoqgUIzII5woO
<a id="__codelineno-0-35" name="__codelineno-0-35" href="#__codelineno-0-35"></a>S3SlMSc910tHf40D2cBr1iFKC0jQICjkDexB9CtNx/N25SJmLfiimYtk6/NHlPq4
<a id="__codelineno-0-36" name="__codelineno-0-36" href="#__codelineno-0-36"></a>HXdq6ZfLZ7xQmuGcyWv4f0pwA2CK3twISpsIxIKe456WYTDtQu9d1s987dvmw6F/
<a id="__codelineno-0-37" name="__codelineno-0-37" href="#__codelineno-0-37"></a>qURC6m2WPGroHb8COQTKzbshjpGUmLpyR3FXki4wNXeI1KaQLL7NpZmK6yJlWviO
<a id="__codelineno-0-38" name="__codelineno-0-38" href="#__codelineno-0-38"></a>1sCjh4m7VS+zABEBAAGJAjwEGAEIACYWIQTDvxKORxXFcKruFK09gIBvEmAqfAUC
<a id="__codelineno-0-39" name="__codelineno-0-39" href="#__codelineno-0-39"></a>YIQyIwIbDAUJA8Ig/QAKCRA9gIBvEmAqfP2WEACqmXEhu4ARl2yT9bay0+W3F1q1
<a id="__codelineno-0-40" name="__codelineno-0-40" href="#__codelineno-0-40"></a>MrLQkcVOau2ihXx3PhYsXRUoEFj72VDAar41WIlHsPJfB14WtSlYcX2XdjHLHMpC
<a id="__codelineno-0-41" name="__codelineno-0-41" href="#__codelineno-0-41"></a>dL2eGhqIcHzFChR0vGjtvm2wae/rJTChWf8WXiHrRnRcfFFfhpCvkNi43fQeH4yp
<a id="__codelineno-0-42" name="__codelineno-0-42" href="#__codelineno-0-42"></a>cel2a35WV+IRbnkCkaly2NG3XO0t83Siok8Ku+OJGPatUMxJmaEVQeeXVPDzVRva
<a id="__codelineno-0-43" name="__codelineno-0-43" href="#__codelineno-0-43"></a>rtvyd9Sclkd9QDPBLZyWHC1vsPKGRJpi5uDZjGxhaFRkimw/SYtFHj7AUrMKAIHB
<a id="__codelineno-0-44" name="__codelineno-0-44" href="#__codelineno-0-44"></a>GfEcwC3Eq4rF0FeCOPfBd2vwGGrRflx76jK9rj288ta9Oq6u6ev8PCVzt0E7jrSf
<a id="__codelineno-0-45" name="__codelineno-0-45" href="#__codelineno-0-45"></a>AX88vfVRcxihNfj/9i5xmY596jpgbvNA2aJX2hAO3Q8pD6AunVXPUyc3RlFHt7jC
<a id="__codelineno-0-46" name="__codelineno-0-46" href="#__codelineno-0-46"></a>tL+9Xv7Qwjz7OToWqj+9cM6T+6oZLxYNVPT72Z/KOFW+mzGb87qjcsDMb/hu2fNq
<a id="__codelineno-0-47" name="__codelineno-0-47" href="#__codelineno-0-47"></a>tSWyZk2AAgHQyG1y8vCQQzsDnUDM6NIPwYG5XMP+11WAsPk5fP1ksixpUqIWgjhY
<a id="__codelineno-0-48" name="__codelineno-0-48" href="#__codelineno-0-48"></a>M22YUsjLeaRtgSmhAGIkbBgecs1EHSZZ6sf2lB8gSom1wW0UCBPSifP0DwYFizS5
<a id="__codelineno-0-49" name="__codelineno-0-49" href="#__codelineno-0-49"></a>SOk62kZ0lqEctwgKDe3MNQnPxt9+tU9L1pIkyXgXihcOLiCMl434K0djJXxIbiX0
<a id="__codelineno-0-50" name="__codelineno-0-50" href="#__codelineno-0-50"></a>JvbFAfI3qteepvnjBQ==
<a id="__codelineno-0-51" name="__codelineno-0-51" href="#__codelineno-0-51"></a>=g1tf
<a id="__codelineno-0-52" name="__codelineno-0-52" href="#__codelineno-0-52"></a>-----END PGP PUBLIC KEY BLOCK-----
<div class="highlight"><pre><span></span><code>-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGCEMiMBEACtXJBDbF86qjC/Q1cfmJfYcYrbk6eE5czknG294XObC97wAgDf
/MbX6bnti4kDRpflGDqQtwOXudcEzledTD4bdDUKvZwqPoYQGa24uCuUxSINTLXr
RuoMaKfpvs7trsFXp5iYUqf4Org2aaJE7Tk/9sOvxgdqsT22jEgCZXTRU1qG494U
u6XRQN8hKlw6aa6njjX9vUk6Jpl46/kwwO9mpXBZX6iFKYnBlUWs2k8d6D6cO5aZ
KLoYyz5v3Gw2hHSqj4qbVQPTIT7qrrcfd8nblYK7Dh3IM+vQq7a7lB0AudIyBNPd
rsypi9ZYgwI3lv/rmQnDc32Ua5cLvTvgg/XoaNK9ogc3kei1+hXODEgRA/zvSKqq
20i/1Y0OnIGv89LOI6urWpOgDAhQUV5xvANll2lm3Bkmy29UOzNadUc/yImxrM06
HwX82ju6PFAqOaxMW6SEE71ylGOSlikAGNcmmc5Ihd1J/VRZA4PBiQ31gQxFRpUC
3NTw2QNAD1kjni5PuQD10Q1Ognvb6uJh/MtqsoX6r1t+Oly9MblFSuyqFkqNO3F0
QAJqprhJlQ3YOcJdJ1EZR7qs0xJm5h+lw0Z/UINqkwiZUW3PCO8BKxfq6sfdwM8L
5hPhyUzy2gIJ0J/4NGYEBH1ojoYODGU8OCSmyjSTY9SoVMeWDfqYP4ZTvQARAQAB
tCVidW5rZXJpdHktcGdwIDxjb250YWN0QGJ1bmtlcml0eS5jb20+iQJUBBMBCAA+
FiEEw78SjkcVxXCq7hStPYCAbxJgKnwFAmCEMiMCGwMFCQPCIP0FCwkIBwIGFQoJ
CAsCBBYCAwECHgECF4AACgkQPYCAbxJgKnzvYhAAnNqGB6ce2eZzwk1EiNlNaXaA
hFWLq/s/J1IOAP+0V5jKJxA6zTX01HyIfIIHQy6nrxxEXzYsIUHdJ+HBPCNswCqn
2d/aDkkfoEUc1bUD0c2bXfoSCsAeIoK+eOf6iSr4IENVoIUYFQTUKFNu+Y7eDL0I
J8Xadg53G+fkK9LE6TeYpBs3hDT4w7vlDfIwWa1NC9HoLzSmZ2fqZ7SnihLGsLmp
98VqDrDjhRPzrz5/tVYgvPCQQU5ED/TayCCYvrGpw9gP8qmEOabIUz0ppGwEfQVs
Wycilm1/Js/qjdbxUFMipBIzDu7bI3kMLmENhI+16Xtub9dUrvkW2SdDngYhtWj8
IzVOe6N/XDuiRGpaYFpEuXbrnDFexe1ygZwnVHt3fukPfa7W8mhMs2kY1ishIA0O
WElKO1Q6N0ZWEad0PwM8NCDjaDUNWQC36ZF/MS+ipHWx9joPUjImY2AXDjN+L+Si
ABQIe4Fo6Jx6S6Bi8YvPq8idYZvaWFJjBvmaPjxdUMPbIsMRiEjvlrhvqhLuVBpE
lGA+M4UJGw5yBl+yiiLDuws/Fppv9HwNqw6Uq1m1XaW859Om1GGBKYfphyn+fHjR
7ftOuT7Ss4zioXT4mscOZgkfzDAqgpZiHjYhe7tLUu7iD6UEsZmey/gRV0hCxng3
N7yaRrBu0+3sIQV4jYC5Ag0EYIQyIwEQALSurJGOx7At5mRFjvhXd4/JHuBZZOSI
M45LSJ+mKYnAGmwsL0AneZMIf6Yc0Vcn32oqlIXN5aB8jIt91pChLre8tl/lFZZP
xY3WIEBJhZF0FIUqSQLjg4HD0S70REii7Om1kgtZueid8V6T5F1JDcO2mDoh8oc9
h9nRQ1Ld6dblEuwBzbFkI1K6OUk1+ec7+mQc7orHdBVgelmqwG7fGZnPiN3XfklF
dnwSkFIX/qkAsKQmmx1VSzaGFoPLajf4wrkzZdA3iEafsHyvdEFlezZCZ7TsoHBh
tNg1Psg6MbBVgiMfHyRHSEBJZ7r5Awj2MpFUFMOd1IPcor1I254mx0VYfCvof4Km
Ri1F/86kHc23A77pd4HFYZWiZjaWhh12L+wz5fDL5/sSFXVGSCtSWIKx6FjysZ+v
szk3lItHoomZhA7M+FjU/cOjq9hae9uwZeU39DQk0/npln2RcHitoqgUIzII5woO
S3SlMSc910tHf40D2cBr1iFKC0jQICjkDexB9CtNx/N25SJmLfiimYtk6/NHlPq4
HXdq6ZfLZ7xQmuGcyWv4f0pwA2CK3twISpsIxIKe456WYTDtQu9d1s987dvmw6F/
qURC6m2WPGroHb8COQTKzbshjpGUmLpyR3FXki4wNXeI1KaQLL7NpZmK6yJlWviO
1sCjh4m7VS+zABEBAAGJAjwEGAEIACYWIQTDvxKORxXFcKruFK09gIBvEmAqfAUC
YIQyIwIbDAUJA8Ig/QAKCRA9gIBvEmAqfP2WEACqmXEhu4ARl2yT9bay0+W3F1q1
MrLQkcVOau2ihXx3PhYsXRUoEFj72VDAar41WIlHsPJfB14WtSlYcX2XdjHLHMpC
dL2eGhqIcHzFChR0vGjtvm2wae/rJTChWf8WXiHrRnRcfFFfhpCvkNi43fQeH4yp
cel2a35WV+IRbnkCkaly2NG3XO0t83Siok8Ku+OJGPatUMxJmaEVQeeXVPDzVRva
rtvyd9Sclkd9QDPBLZyWHC1vsPKGRJpi5uDZjGxhaFRkimw/SYtFHj7AUrMKAIHB
GfEcwC3Eq4rF0FeCOPfBd2vwGGrRflx76jK9rj288ta9Oq6u6ev8PCVzt0E7jrSf
AX88vfVRcxihNfj/9i5xmY596jpgbvNA2aJX2hAO3Q8pD6AunVXPUyc3RlFHt7jC
tL+9Xv7Qwjz7OToWqj+9cM6T+6oZLxYNVPT72Z/KOFW+mzGb87qjcsDMb/hu2fNq
tSWyZk2AAgHQyG1y8vCQQzsDnUDM6NIPwYG5XMP+11WAsPk5fP1ksixpUqIWgjhY
M22YUsjLeaRtgSmhAGIkbBgecs1EHSZZ6sf2lB8gSom1wW0UCBPSifP0DwYFizS5
SOk62kZ0lqEctwgKDe3MNQnPxt9+tU9L1pIkyXgXihcOLiCMl434K0djJXxIbiX0
JvbFAfI3qteepvnjBQ==
=g1tf
-----END PGP PUBLIC KEY BLOCK-----
</code></pre></div>
@ -801,7 +801,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

36
1.4/concepts/index.html
View File

@ -642,13 +642,13 @@ documentation for the current version.
<p>Once BunkerWeb is integrated into your environment, you will need to configure it to serve and protect your web applications.</p>
<p>Configuration of BunkerWeb is done using what we called the "settings" or "variables". Each setting is identified by a name like <code>AUTO_LETS_ENCRYPT</code> or <code>USE_ANTIBOT</code> for example. You can assign values to the settings to configure BunkerWeb.</p>
<p>Here is a dummy example of a BunkerWeb configuration :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>SERVER_NAME=www.example.com
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a>AUTO_LETS_ENCRYPT=yes
<a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a>USE_ANTIBOT=captcha
<a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a>REFERRER_POLICY=no-referrer
<a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a>USE_MODSECURITY=no
<a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a>USE_GZIP=yes
<a id="__codelineno-0-7" name="__codelineno-0-7" href="#__codelineno-0-7"></a>USE_BROTLI=no
<div class="highlight"><pre><span></span><code>SERVER_NAME=www.example.com
AUTO_LETS_ENCRYPT=yes
USE_ANTIBOT=captcha
REFERRER_POLICY=no-referrer
USE_MODSECURITY=no
USE_GZIP=yes
USE_BROTLI=no
</code></pre></div>
<div class="admonition info">
<p class="admonition-title">Going further</p>
@ -665,16 +665,16 @@ documentation for the current version.
<p>The multisite mode is controlled by the <code>MULTISITE</code> setting which can be set to <code>yes</code> (enabled) or <code>no</code> (disabled, which is the default).</p>
<p>Each setting has a context which defines "where" it can be applied. If the context is global then the setting can't be set per server (or "per site", "per app") but only to the whole configuration. Otherwise, if the context is multisite, the setting can be set globally and per server. Defining a multisite setting to a specific server is done by adding the server name as a prefix of the setting name like <code>app1.example.com_AUTO_LETS_ENCRYPT</code> or <code>app2.example.com_USE_ANTIBOT</code> for example. When a multisite setting is defined globally (without any server prefix), all the servers will inherit that setting (but can still be overriden if we set the same setting with the server name prefix).</p>
<p>Here is a dummy example of a multisite BunkerWeb configuration :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>MULTISITE=yes
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a>SERVER_NAME=app1.example.com app2.example.com app3.example.com
<a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a>AUTO_LETS_ENCRYPT=yes
<a id="__codelineno-1-4" name="__codelineno-1-4" href="#__codelineno-1-4"></a>USE_GZIP=yes
<a id="__codelineno-1-5" name="__codelineno-1-5" href="#__codelineno-1-5"></a>USE_BROTLI=yes
<a id="__codelineno-1-6" name="__codelineno-1-6" href="#__codelineno-1-6"></a>app1.example.com_USE_ANTIBOT=javascript
<a id="__codelineno-1-7" name="__codelineno-1-7" href="#__codelineno-1-7"></a>app1.example.com_USE_MODSECURITY=no
<a id="__codelineno-1-8" name="__codelineno-1-8" href="#__codelineno-1-8"></a>app2.example.com_USE_ANTIBOT=cookie
<a id="__codelineno-1-9" name="__codelineno-1-9" href="#__codelineno-1-9"></a>app2.example.com_WHITELIST_COUNTRY=FR
<a id="__codelineno-1-10" name="__codelineno-1-10" href="#__codelineno-1-10"></a>app3.example.com_USE_BAD_BEHAVIOR=no
<div class="highlight"><pre><span></span><code>MULTISITE=yes
SERVER_NAME=app1.example.com app2.example.com app3.example.com
AUTO_LETS_ENCRYPT=yes
USE_GZIP=yes
USE_BROTLI=yes
app1.example.com_USE_ANTIBOT=javascript
app1.example.com_USE_MODSECURITY=no
app2.example.com_USE_ANTIBOT=cookie
app2.example.com_WHITELIST_COUNTRY=FR
app3.example.com_USE_BAD_BEHAVIOR=no
</code></pre></div>
<div class="admonition info">
<p class="admonition-title">Going further</p>
@ -792,7 +792,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

2
1.4/index.html
View File

@ -745,7 +745,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": ".", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": ".", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="assets/javascripts/bundle.467223ff.min.js"></script>

992
1.4/integrations/index.html
View File

File diff suppressed because it is too large Load Diff

18
1.4/migrating/index.html
View File

@ -442,11 +442,18 @@ documentation for the current version.
Removed features
</a>
</li>
<li class="md-nav__item">
<a href="#changed-authelia-support" class="md-nav__link">
Changed Authelia support
</a>
</li>
<li class="md-nav__item">
<a href="#replaced-block_-whitelist_-and-blacklist_-settings" class="md-nav__link">
Replaced BLOCK_, WHITELIST_ and BLACKLIST_* settings
Replaced BLOCK_*, WHITELIST_* and BLACKLIST_* settings
</a>
</li>
@ -636,18 +643,19 @@ documentation for the current version.
<h1 id="migrating-from-bunkerized">Migrating from bunkerized</h1>
<div class="admonition warning">
<p class="admonition-title">Read this if you were a bunkerized user</p>
<p>A lot of things have changed since the last bunkerized release. If you want to an upgrade, which we recommend you to do because BunkerWeb is by far better than bunkerized, please read carefully this section and also the whole documentation.</p>
<p>A lot of things have changed since the last bunkerized release. If you want to do an upgrade, which we recommend you to do because BunkerWeb is by far better than bunkerized, please read carefully this section and also the whole documentation.</p>
</div>
<h2 id="volumes">Volumes</h2>
<p>When using container-based integrations like <a href="/1.4/integrations/#docker">Docker</a>, <a href="/1.4/integrations/#docker-autoconf">Docker autoconf</a>, <a href="/1.4/integrations/#swarm">Swarm</a> or <a href="/1.4/integrations/#kubernetes">Kubernetes</a>, volumes for storing data like certificates, cache or custom configurations has changed. We now have a single "bw-data" volume which contains everything and should be easier to manage than bunkerized.</p>
<h2 id="removed-features">Removed features</h2>
<p>We decided to drop the following features :</p>
<ul>
<li>Authelia : we will make an official <a href="/1.4/plugins">plugin</a> for that</li>
<li>Blocking "bad" referrers : we may add it again in the future</li>
<li>ROOT_SITE_SUBFOLDER : we will need to redesign this in the future</li>
</ul>
<h2 id="replaced-block_-whitelist_-and-blacklist_-settings">Replaced BLOCK_<em>, WHITELIST_</em> and BLACKLIST_* settings</h2>
<h2 id="changed-authelia-support">Changed Authelia support</h2>
<p>Instead of supporting only Authelia, we decided to support generic auth request settings. See the new <a href="https://github.com/bunkerity/bunkerweb/tree/master/examples/authelia">authelia example</a> and <a href="https://docs.bunkerweb.io/1.4/security-tuning/#auth-request">auth request documentation</a> for more information.</p>
<h2 id="replaced-block_-whitelist_-and-blacklist_-settings">Replaced BLOCK_*, WHITELIST_* and BLACKLIST_* settings</h2>
<p>The blocking mechanisms has been completely redesigned. We have detected that a lot of false positives came from the default blacklists hardcoded into bunkerized. That's why we decided to give the users the choice of their blacklists (and also whitelists) for IP address, reverse DNS, user-agent, URI and ASN, see the <a href="/1.4/security-tuning/#blacklisting-and-whitelisting">Blacklisting and whitelisting</a> section of the <a href="/1.4/security-tuning">security tuning</a>.</p>
<h2 id="changed-whitelist_user_agent-setting-behavior">Changed WHITELIST_USER_AGENT setting behavior</h2>
<p>The new behavior of the WHITELIST_USER_AGENT setting is to <strong>disable completely security checks</strong> if the User-Agent value of a client match any of the patterns. In bunkerized it was used to ignore specific User-Agent values when <code>BLOCK_USER_AGENT</code> was set to <code>yes</code> to avoid false positives. You can choose the blacklist of your choice to avoid FP (see previous section).</p>
@ -759,7 +767,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

262
1.4/plugins/index.html
View File

@ -714,66 +714,66 @@ documentation for the current version.
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#docker">Docker integration</a>, plugins must be written to the volume mounted on <code>/data</code>.</p>
<p>The first thing to do is to create the plugins folder :
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>mkdir -p ./bw-data/plugins
<div class="highlight"><pre><span></span><code>mkdir -p ./bw-data/plugins
</code></pre></div></p>
<p>Then you can drop the plugins of your choice into that folder :
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a>cp -rp ./bunkerweb-plugins/* ./bw-data/plugins
<div class="highlight"><pre><span></span><code>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
cp -rp ./bunkerweb-plugins/* ./bw-data/plugins
</code></pre></div></p>
<p>Because BunkerWeb runs as an unprivileged user with UID and GID 101, you will need to edit the permissions :
<div class="highlight"><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a>chown -R root:101 bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a>chmod -R <span class="m">770</span> bw-data
<div class="highlight"><pre><span></span><code>chown -R root:101 bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
chmod -R <span class="m">770</span> bw-data
</code></pre></div></p>
<p>When starting the BunkerWeb container, you will need to mount the folder on <code>/data</code> :
<div class="highlight"><pre><span></span><code><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a>docker run <span class="se">\</span>
<a id="__codelineno-3-2" name="__codelineno-3-2" href="#__codelineno-3-2"></a> ...
<a id="__codelineno-3-3" name="__codelineno-3-3" href="#__codelineno-3-3"></a> -v <span class="s2">&quot;</span><span class="si">${</span><span class="nv">PWD</span><span class="si">}</span><span class="s2">/bw-data:/data&quot;</span> <span class="se">\</span>
<a id="__codelineno-3-4" name="__codelineno-3-4" href="#__codelineno-3-4"></a> ...
<a id="__codelineno-3-5" name="__codelineno-3-5" href="#__codelineno-3-5"></a> bunkerity/bunkerweb:1.4.0
<div class="highlight"><pre><span></span><code>docker run <span class="se">\</span>
...
-v <span class="s2">&quot;</span><span class="si">${</span><span class="nv">PWD</span><span class="si">}</span><span class="s2">/bw-data:/data&quot;</span> <span class="se">\</span>
...
bunkerity/bunkerweb:1.4.1
</code></pre></div></p>
<p>Here is the docker-compose equivalent :
<div class="highlight"><pre><span></span><code><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a><span class="nt">mybunker</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb:1.4.0</span><span class="w"></span>
<a id="__codelineno-4-3" name="__codelineno-4-3" href="#__codelineno-4-3"></a><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-4-4" name="__codelineno-4-4" href="#__codelineno-4-4"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./bw-data:/data</span><span class="w"></span>
<a id="__codelineno-4-5" name="__codelineno-4-5" href="#__codelineno-4-5"></a><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span><span class="w"></span>
<div class="highlight"><pre><span></span><code><span class="nt">mybunker</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb:1.4.1</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">./bw-data:/data</span><span class="w"></span>
<span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">...</span><span class="w"></span>
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#docker-autoconf">Docker autoconf integration</a>, plugins must be written to the volume mounted on <code>/data</code>.</p>
<p>The easiest way to do it is by starting the Docker autoconf stack with a folder mounted on <code>/data</code> (instead of a named volume). Once the stack is started, you can copy the plugins of your choice to the <code>plugins</code> folder from your host :
<div class="highlight"><pre><span></span><code><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a>cp -rp ./bunkerweb-plugins/* ./bw-data/plugins
<div class="highlight"><pre><span></span><code>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
cp -rp ./bunkerweb-plugins/* ./bw-data/plugins
</code></pre></div></p>
<p>Because BunkerWeb runs as an unprivileged user with UID and GID 101, you will need to edit the permissions :
<div class="highlight"><pre><span></span><code><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a>chown -R root:101 bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a>chmod -R <span class="m">770</span> bw-data
<div class="highlight"><pre><span></span><code>chown -R root:101 bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
chmod -R <span class="m">770</span> bw-data
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#swarm">Swarm integration</a>, the easiest way of installing plugins is by using <code>docker exec</code> and downloading the plugins from the container.</p>
<p>Execute a shell inside the autoconf container (use <code>docker ps</code> to get the name) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a>docker <span class="nb">exec</span> -it myautoconf /bin/bash
<div class="highlight"><pre><span></span><code>docker <span class="nb">exec</span> -it myautoconf /bin/bash
</code></pre></div></p>
<p>Once you have a shell inside the container, you can drop the plugins of your choice inside the <code>/data/plugins</code> folder :
<div class="highlight"><pre><span></span><code><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-8-2" name="__codelineno-8-2" href="#__codelineno-8-2"></a>cp -rp ./bunkerweb-plugins/* /data/plugins
<div class="highlight"><pre><span></span><code>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
cp -rp ./bunkerweb-plugins/* /data/plugins
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#kubernetes">Kubernetes integration</a>, the easiest way of installing plugins is by using <code>kubectl exec</code> and downloading the plugins from the container.</p>
<p>Execute a shell inside the autoconf container (use <code>kubectl get pods</code> to get the name) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a>kubectl <span class="nb">exec</span> -it myautoconf -- /bin/bash
<div class="highlight"><pre><span></span><code>kubectl <span class="nb">exec</span> -it myautoconf -- /bin/bash
</code></pre></div></p>
<p>Once you have a shell inside the container, you can drop the plugins of your choice inside the <code>/data/plugins</code> folder :
<div class="highlight"><pre><span></span><code><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a>cp -rp ./bunkerweb-plugins/* /data/plugins
<div class="highlight"><pre><span></span><code>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
cp -rp ./bunkerweb-plugins/* /data/plugins
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#linux">Linux integration</a>, plugins must be written to the <code>/opt/bunkerweb/plugins</code> folder :
<div class="highlight"><pre><span></span><code><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a>cp -rp ./bunkerweb-plugins/* /data/plugins
<div class="highlight"><pre><span></span><code>git clone https://github.com/bunkerity/bunkerweb-plugins <span class="o">&amp;&amp;</span> <span class="se">\</span>
cp -rp ./bunkerweb-plugins/* /data/plugins
</code></pre></div></p>
</div>
</div>
@ -785,36 +785,36 @@ documentation for the current version.
<p>If the documentation is not enough you can have a look at the existing source code of <a href="https://github.com/bunkerity/bunkerweb-plugins">official plugins</a> and the <a href="https://github.com/bunkerity/bunkerweb/tree/master/core">core plugins</a> (already included in BunkerWeb but they are plugins technically speaking).</p>
</div>
<p>The first step is to create a folder that will contain the plugin :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-12-1" name="__codelineno-12-1" href="#__codelineno-12-1"></a>mkdir myplugin <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-12-2" name="__codelineno-12-2" href="#__codelineno-12-2"></a><span class="nb">cd</span> myplugin
<div class="highlight"><pre><span></span><code>mkdir myplugin <span class="o">&amp;&amp;</span> <span class="se">\</span>
<span class="nb">cd</span> myplugin
</code></pre></div>
<h3 id="metadata">Metadata</h3>
<p>A file named <strong>plugin.json</strong> and written at the root of the plugin folder must contain metadata about the plugin. Here is an example :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-13-1" name="__codelineno-13-1" href="#__codelineno-13-1"></a><span class="p">{</span><span class="w"></span>
<a id="__codelineno-13-2" name="__codelineno-13-2" href="#__codelineno-13-2"></a><span class="w"> </span><span class="nt">&quot;id&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;myplugin&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-3" name="__codelineno-13-3" href="#__codelineno-13-3"></a><span class="w"> </span><span class="nt">&quot;order&quot;</span><span class="p">:</span><span class="w"> </span><span class="mi">42</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-4" name="__codelineno-13-4" href="#__codelineno-13-4"></a><span class="w"> </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;My Plugin&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-5" name="__codelineno-13-5" href="#__codelineno-13-5"></a><span class="w"> </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Just an example plugin.&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-6" name="__codelineno-13-6" href="#__codelineno-13-6"></a><span class="w"> </span><span class="nt">&quot;version&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1.0&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-7" name="__codelineno-13-7" href="#__codelineno-13-7"></a><span class="w"> </span><span class="nt">&quot;settings&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<a id="__codelineno-13-8" name="__codelineno-13-8" href="#__codelineno-13-8"></a><span class="w"> </span><span class="nt">&quot;DUMMY_SETTING&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<a id="__codelineno-13-9" name="__codelineno-13-9" href="#__codelineno-13-9"></a><span class="w"> </span><span class="nt">&quot;context&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;multisite&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-10" name="__codelineno-13-10" href="#__codelineno-13-10"></a><span class="w"> </span><span class="nt">&quot;default&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1234&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-11" name="__codelineno-13-11" href="#__codelineno-13-11"></a><span class="w"> </span><span class="nt">&quot;help&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Here is the help of the setting.&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-12" name="__codelineno-13-12" href="#__codelineno-13-12"></a><span class="w"> </span><span class="nt">&quot;id&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;dummy-id&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-13" name="__codelineno-13-13" href="#__codelineno-13-13"></a><span class="w"> </span><span class="nt">&quot;label&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Dummy setting&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-14" name="__codelineno-13-14" href="#__codelineno-13-14"></a><span class="w"> </span><span class="nt">&quot;regex&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;^.*$&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-15" name="__codelineno-13-15" href="#__codelineno-13-15"></a><span class="w"> </span><span class="nt">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;text&quot;</span><span class="w"></span>
<a id="__codelineno-13-16" name="__codelineno-13-16" href="#__codelineno-13-16"></a><span class="w"> </span><span class="p">}</span><span class="w"></span>
<a id="__codelineno-13-17" name="__codelineno-13-17" href="#__codelineno-13-17"></a><span class="w"> </span><span class="p">}</span><span class="w"></span>
<a id="__codelineno-13-18" name="__codelineno-13-18" href="#__codelineno-13-18"></a><span class="w"> </span><span class="nt">&quot;jobs&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span>
<a id="__codelineno-13-19" name="__codelineno-13-19" href="#__codelineno-13-19"></a><span class="w"> </span><span class="p">{</span><span class="w"></span>
<a id="__codelineno-13-20" name="__codelineno-13-20" href="#__codelineno-13-20"></a><span class="w"> </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;my-job&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-21" name="__codelineno-13-21" href="#__codelineno-13-21"></a><span class="w"> </span><span class="nt">&quot;file&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;my-job.py&quot;</span><span class="p">,</span><span class="w"></span>
<a id="__codelineno-13-22" name="__codelineno-13-22" href="#__codelineno-13-22"></a><span class="w"> </span><span class="nt">&quot;every&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;hour&quot;</span><span class="w"></span>
<a id="__codelineno-13-23" name="__codelineno-13-23" href="#__codelineno-13-23"></a><span class="w"> </span><span class="p">}</span><span class="w"></span>
<a id="__codelineno-13-24" name="__codelineno-13-24" href="#__codelineno-13-24"></a><span class="w"> </span><span class="p">]</span><span class="w"></span>
<a id="__codelineno-13-25" name="__codelineno-13-25" href="#__codelineno-13-25"></a><span class="p">}</span><span class="w"></span>
<div class="highlight"><pre><span></span><code><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;id&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;myplugin&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;order&quot;</span><span class="p">:</span><span class="w"> </span><span class="mi">42</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;My Plugin&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;description&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Just an example plugin.&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;version&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1.0&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;settings&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;DUMMY_SETTING&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;context&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;multisite&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;default&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;1234&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;help&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Here is the help of the setting.&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;id&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;dummy-id&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;label&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;Dummy setting&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;regex&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;^.*$&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;type&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;text&quot;</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;jobs&quot;</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span>
<span class="w"> </span><span class="p">{</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;name&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;my-job&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;file&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;my-job.py&quot;</span><span class="p">,</span><span class="w"></span>
<span class="w"> </span><span class="nt">&quot;every&quot;</span><span class="p">:</span><span class="w"> </span><span class="s2">&quot;hour&quot;</span><span class="w"></span>
<span class="w"> </span><span class="p">}</span><span class="w"></span>
<span class="w"> </span><span class="p">]</span><span class="w"></span>
<span class="p">}</span><span class="w"></span>
</code></pre></div>
<p>Here are the details of the fields :</p>
<table>
@ -972,46 +972,46 @@ documentation for the current version.
<h3 id="configurations">Configurations</h3>
<p>You can add custom NGINX configurations by adding a folder named <strong>confs</strong> with content similar to the <a href="/1.4/quickstart-guide/#custom-configurations">custom configurations</a>. Each subfolder inside the <strong>confs</strong> will contain <a href="https://jinja.palletsprojects.com">jinja2</a> templates that will be generated and loaded at the corresponding context (<code>http</code>, <code>server-http</code> and <code>default-server-http</code>).</p>
<p>Here is an example for a configuration template file inside the <strong>confs/server-http</strong> folder named <strong>example.conf</strong> :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-14-1" name="__codelineno-14-1" href="#__codelineno-14-1"></a>location /setting {
<a id="__codelineno-14-2" name="__codelineno-14-2" href="#__codelineno-14-2"></a> default_type &#39;text/plain&#39;;
<a id="__codelineno-14-3" name="__codelineno-14-3" href="#__codelineno-14-3"></a> content_by_lua_block {
<a id="__codelineno-14-4" name="__codelineno-14-4" href="#__codelineno-14-4"></a> ngx.say(&#39;{{ DUMMY_SETTING }}&#39;)
<a id="__codelineno-14-5" name="__codelineno-14-5" href="#__codelineno-14-5"></a> }
<a id="__codelineno-14-6" name="__codelineno-14-6" href="#__codelineno-14-6"></a>}
<div class="highlight"><pre><span></span><code>location /setting {
default_type &#39;text/plain&#39;;
content_by_lua_block {
ngx.say(&#39;{{ DUMMY_SETTING }}&#39;)
}
}
</code></pre></div>
<p><code>{{ DUMMY_SETTING }}</code> will be replaced by the value of the <code>DUMMY_SETTING</code> chosen by the user of the plugin.</p>
<h3 id="lua">LUA</h3>
<h4 id="main-script">Main script</h4>
<p>Under the hood, BunkerWeb is using the <a href="https://github.com/openresty/lua-nginx-module">NGINX LUA module</a> to execute code within NGINX. Plugins that need to execute code must provide a lua file at the root directory of the plugin folder using the <code>id</code> value of <strong>plugin.json</strong> as its name. Here is an example named <strong>myplugin.lua</strong> :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-15-1" name="__codelineno-15-1" href="#__codelineno-15-1"></a><span class="kd">local</span> <span class="n">_M</span> <span class="o">=</span> <span class="p">{}</span>
<a id="__codelineno-15-2" name="__codelineno-15-2" href="#__codelineno-15-2"></a><span class="n">_M</span><span class="p">.</span><span class="n">__index</span> <span class="o">=</span> <span class="n">_M</span>
<a id="__codelineno-15-3" name="__codelineno-15-3" href="#__codelineno-15-3"></a>
<a id="__codelineno-15-4" name="__codelineno-15-4" href="#__codelineno-15-4"></a><span class="kd">local</span> <span class="n">utils</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;utils&quot;</span>
<a id="__codelineno-15-5" name="__codelineno-15-5" href="#__codelineno-15-5"></a><span class="kd">local</span> <span class="n">datastore</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;datastore&quot;</span>
<a id="__codelineno-15-6" name="__codelineno-15-6" href="#__codelineno-15-6"></a><span class="kd">local</span> <span class="n">logger</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;logger&quot;</span>
<a id="__codelineno-15-7" name="__codelineno-15-7" href="#__codelineno-15-7"></a>
<a id="__codelineno-15-8" name="__codelineno-15-8" href="#__codelineno-15-8"></a><span class="kr">function</span> <span class="nc">_M</span><span class="p">.</span><span class="nf">new</span><span class="p">()</span>
<a id="__codelineno-15-9" name="__codelineno-15-9" href="#__codelineno-15-9"></a> <span class="kd">local</span> <span class="n">self</span> <span class="o">=</span> <span class="nb">setmetatable</span><span class="p">({},</span> <span class="n">_M</span><span class="p">)</span>
<a id="__codelineno-15-10" name="__codelineno-15-10" href="#__codelineno-15-10"></a> <span class="n">self</span><span class="p">.</span><span class="n">dummy</span> <span class="o">=</span> <span class="s2">&quot;dummy&quot;</span>
<a id="__codelineno-15-11" name="__codelineno-15-11" href="#__codelineno-15-11"></a> <span class="kr">return</span> <span class="n">self</span><span class="p">,</span> <span class="kc">nil</span>
<a id="__codelineno-15-12" name="__codelineno-15-12" href="#__codelineno-15-12"></a><span class="kr">end</span>
<a id="__codelineno-15-13" name="__codelineno-15-13" href="#__codelineno-15-13"></a>
<a id="__codelineno-15-14" name="__codelineno-15-14" href="#__codelineno-15-14"></a><span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">init</span><span class="p">()</span>
<a id="__codelineno-15-15" name="__codelineno-15-15" href="#__codelineno-15-15"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;init called&quot;</span><span class="p">)</span>
<a id="__codelineno-15-16" name="__codelineno-15-16" href="#__codelineno-15-16"></a> <span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span>
<a id="__codelineno-15-17" name="__codelineno-15-17" href="#__codelineno-15-17"></a><span class="kr">end</span>
<a id="__codelineno-15-18" name="__codelineno-15-18" href="#__codelineno-15-18"></a>
<a id="__codelineno-15-19" name="__codelineno-15-19" href="#__codelineno-15-19"></a><span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">access</span><span class="p">()</span>
<a id="__codelineno-15-20" name="__codelineno-15-20" href="#__codelineno-15-20"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;access called&quot;</span><span class="p">)</span>
<a id="__codelineno-15-21" name="__codelineno-15-21" href="#__codelineno-15-21"></a> <span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span><span class="p">,</span> <span class="kc">nil</span><span class="p">,</span> <span class="kc">nil</span>
<a id="__codelineno-15-22" name="__codelineno-15-22" href="#__codelineno-15-22"></a><span class="kr">end</span>
<a id="__codelineno-15-23" name="__codelineno-15-23" href="#__codelineno-15-23"></a>
<a id="__codelineno-15-24" name="__codelineno-15-24" href="#__codelineno-15-24"></a><span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">log</span><span class="p">()</span>
<a id="__codelineno-15-25" name="__codelineno-15-25" href="#__codelineno-15-25"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;log called&quot;</span><span class="p">)</span>
<a id="__codelineno-15-26" name="__codelineno-15-26" href="#__codelineno-15-26"></a> <span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span>
<a id="__codelineno-15-27" name="__codelineno-15-27" href="#__codelineno-15-27"></a><span class="kr">end</span>
<a id="__codelineno-15-28" name="__codelineno-15-28" href="#__codelineno-15-28"></a>
<a id="__codelineno-15-29" name="__codelineno-15-29" href="#__codelineno-15-29"></a><span class="kr">return</span> <span class="n">_M</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">_M</span> <span class="o">=</span> <span class="p">{}</span>
<span class="n">_M</span><span class="p">.</span><span class="n">__index</span> <span class="o">=</span> <span class="n">_M</span>
<span class="kd">local</span> <span class="n">utils</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;utils&quot;</span>
<span class="kd">local</span> <span class="n">datastore</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;datastore&quot;</span>
<span class="kd">local</span> <span class="n">logger</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;logger&quot;</span>
<span class="kr">function</span> <span class="nc">_M</span><span class="p">.</span><span class="nf">new</span><span class="p">()</span>
<span class="kd">local</span> <span class="n">self</span> <span class="o">=</span> <span class="nb">setmetatable</span><span class="p">({},</span> <span class="n">_M</span><span class="p">)</span>
<span class="n">self</span><span class="p">.</span><span class="n">dummy</span> <span class="o">=</span> <span class="s2">&quot;dummy&quot;</span>
<span class="kr">return</span> <span class="n">self</span><span class="p">,</span> <span class="kc">nil</span>
<span class="kr">end</span>
<span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">init</span><span class="p">()</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;init called&quot;</span><span class="p">)</span>
<span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span>
<span class="kr">end</span>
<span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">access</span><span class="p">()</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;access called&quot;</span><span class="p">)</span>
<span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span><span class="p">,</span> <span class="kc">nil</span><span class="p">,</span> <span class="kc">nil</span>
<span class="kr">end</span>
<span class="kr">function</span> <span class="nc">_M</span><span class="p">:</span><span class="nf">log</span><span class="p">()</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;log called&quot;</span><span class="p">)</span>
<span class="kr">return</span> <span class="kc">true</span><span class="p">,</span> <span class="s2">&quot;success&quot;</span>
<span class="kr">end</span>
<span class="kr">return</span> <span class="n">_M</span>
</code></pre></div>
<p>The 3 functions <code>init</code>, <code>access</code>, and <code>log</code> are automatically called during specific contexts. Here are the details of each function :</p>
<table>
@ -1047,22 +1047,22 @@ documentation for the current version.
<h4 id="libraries">Libraries</h4>
<p>All directives from <a href="https://github.com/openresty/lua-nginx-module">NGINX LUA module</a> are available. On top of that, you can use the LUA libraries included within BunkerWeb : see <a href="https://github.com/bunkerity/bunkerweb/blob/master/deps/clone.sh">this script</a> for the complete list.</p>
<p>If you need additional libraries, you can put them in the root folder of the plugin and access them by prefixing them with your plugin ID. Here is an example file named <strong>mylibrary.lua</strong> :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-16-1" name="__codelineno-16-1" href="#__codelineno-16-1"></a><span class="kd">local</span> <span class="n">_M</span> <span class="o">=</span> <span class="p">{}</span>
<a id="__codelineno-16-2" name="__codelineno-16-2" href="#__codelineno-16-2"></a>
<a id="__codelineno-16-3" name="__codelineno-16-3" href="#__codelineno-16-3"></a><span class="n">_M</span><span class="p">.</span><span class="n">dummy</span> <span class="o">=</span> <span class="kr">function</span> <span class="p">()</span>
<a id="__codelineno-16-4" name="__codelineno-16-4" href="#__codelineno-16-4"></a> <span class="kr">return</span> <span class="s2">&quot;dummy&quot;</span>
<a id="__codelineno-16-5" name="__codelineno-16-5" href="#__codelineno-16-5"></a><span class="kr">end</span>
<a id="__codelineno-16-6" name="__codelineno-16-6" href="#__codelineno-16-6"></a>
<a id="__codelineno-16-7" name="__codelineno-16-7" href="#__codelineno-16-7"></a><span class="kr">return</span> <span class="n">_M</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">_M</span> <span class="o">=</span> <span class="p">{}</span>
<span class="n">_M</span><span class="p">.</span><span class="n">dummy</span> <span class="o">=</span> <span class="kr">function</span> <span class="p">()</span>
<span class="kr">return</span> <span class="s2">&quot;dummy&quot;</span>
<span class="kr">end</span>
<span class="kr">return</span> <span class="n">_M</span>
</code></pre></div>
<p>And here is how you can use it from the <strong>myplugin.lua</strong> file :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-17-1" name="__codelineno-17-1" href="#__codelineno-17-1"></a><span class="kd">local</span> <span class="n">mylibrary</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;myplugin.mylibrary&quot;</span>
<a id="__codelineno-17-2" name="__codelineno-17-2" href="#__codelineno-17-2"></a>
<a id="__codelineno-17-3" name="__codelineno-17-3" href="#__codelineno-17-3"></a><span class="p">...</span>
<a id="__codelineno-17-4" name="__codelineno-17-4" href="#__codelineno-17-4"></a>
<a id="__codelineno-17-5" name="__codelineno-17-5" href="#__codelineno-17-5"></a><span class="n">mylibrary</span><span class="p">.</span><span class="n">dummy</span><span class="p">()</span>
<a id="__codelineno-17-6" name="__codelineno-17-6" href="#__codelineno-17-6"></a>
<a id="__codelineno-17-7" name="__codelineno-17-7" href="#__codelineno-17-7"></a><span class="p">...</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">mylibrary</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;myplugin.mylibrary&quot;</span>
<span class="p">...</span>
<span class="n">mylibrary</span><span class="p">.</span><span class="n">dummy</span><span class="p">()</span>
<span class="p">...</span>
</code></pre></div>
<h4 id="helpers">Helpers</h4>
<p>Some helpers modules provide common helpful functions :</p>
@ -1072,39 +1072,39 @@ documentation for the current version.
<li><strong>utils</strong> : various useful functions</li>
</ul>
<p>To access the functions, you first need to <strong>require</strong> the module :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-18-1" name="__codelineno-18-1" href="#__codelineno-18-1"></a><span class="p">...</span>
<a id="__codelineno-18-2" name="__codelineno-18-2" href="#__codelineno-18-2"></a>
<a id="__codelineno-18-3" name="__codelineno-18-3" href="#__codelineno-18-3"></a><span class="kd">local</span> <span class="n">utils</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;utils&quot;</span>
<a id="__codelineno-18-4" name="__codelineno-18-4" href="#__codelineno-18-4"></a><span class="kd">local</span> <span class="n">datastore</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;datastore&quot;</span>
<a id="__codelineno-18-5" name="__codelineno-18-5" href="#__codelineno-18-5"></a><span class="kd">local</span> <span class="n">logger</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;logger&quot;</span>
<a id="__codelineno-18-6" name="__codelineno-18-6" href="#__codelineno-18-6"></a>
<a id="__codelineno-18-7" name="__codelineno-18-7" href="#__codelineno-18-7"></a><span class="p">...</span>
<div class="highlight"><pre><span></span><code><span class="p">...</span>
<span class="kd">local</span> <span class="n">utils</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;utils&quot;</span>
<span class="kd">local</span> <span class="n">datastore</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;datastore&quot;</span>
<span class="kd">local</span> <span class="n">logger</span> <span class="o">=</span> <span class="nb">require</span> <span class="s2">&quot;logger&quot;</span>
<span class="p">...</span>
</code></pre></div>
<p>Retrieve a setting value :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-19-1" name="__codelineno-19-1" href="#__codelineno-19-1"></a><span class="kd">local</span> <span class="n">value</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">utils</span><span class="p">:</span><span class="n">get_variable</span><span class="p">(</span><span class="s2">&quot;DUMMY_SETTING&quot;</span><span class="p">)</span>
<a id="__codelineno-19-2" name="__codelineno-19-2" href="#__codelineno-19-2"></a><span class="kr">if</span> <span class="ow">not</span> <span class="n">value</span> <span class="kr">then</span>
<a id="__codelineno-19-3" name="__codelineno-19-3" href="#__codelineno-19-3"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;can&#39;t retrieve setting DUMMY_SETTING : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<a id="__codelineno-19-4" name="__codelineno-19-4" href="#__codelineno-19-4"></a><span class="kr">else</span>
<a id="__codelineno-19-5" name="__codelineno-19-5" href="#__codelineno-19-5"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;DUMMY_SETTING = &quot;</span> <span class="o">..</span> <span class="n">value</span><span class="p">)</span>
<a id="__codelineno-19-6" name="__codelineno-19-6" href="#__codelineno-19-6"></a><span class="kr">end</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">value</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">utils</span><span class="p">:</span><span class="n">get_variable</span><span class="p">(</span><span class="s2">&quot;DUMMY_SETTING&quot;</span><span class="p">)</span>
<span class="kr">if</span> <span class="ow">not</span> <span class="n">value</span> <span class="kr">then</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;can&#39;t retrieve setting DUMMY_SETTING : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<span class="kr">else</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;DUMMY_SETTING = &quot;</span> <span class="o">..</span> <span class="n">value</span><span class="p">)</span>
<span class="kr">end</span>
</code></pre></div>
<p>Store something in the cache :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-20-1" name="__codelineno-20-1" href="#__codelineno-20-1"></a><span class="kd">local</span> <span class="n">ok</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">datastore</span><span class="p">:</span><span class="n">set</span><span class="p">(</span><span class="s2">&quot;plugin_myplugin_something&quot;</span><span class="p">,</span> <span class="s2">&quot;somevalue&quot;</span><span class="p">)</span>
<a id="__codelineno-20-2" name="__codelineno-20-2" href="#__codelineno-20-2"></a><span class="kr">if</span> <span class="ow">not</span> <span class="n">value</span> <span class="kr">then</span>
<a id="__codelineno-20-3" name="__codelineno-20-3" href="#__codelineno-20-3"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;can&#39;t save plugin_myplugin_something into datastore : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<a id="__codelineno-20-4" name="__codelineno-20-4" href="#__codelineno-20-4"></a><span class="kr">else</span>
<a id="__codelineno-20-5" name="__codelineno-20-5" href="#__codelineno-20-5"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;successfully saved plugin_myplugin_something into datastore into datastore&quot;</span><span class="p">)</span>
<a id="__codelineno-20-6" name="__codelineno-20-6" href="#__codelineno-20-6"></a><span class="kr">end</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">ok</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">datastore</span><span class="p">:</span><span class="n">set</span><span class="p">(</span><span class="s2">&quot;plugin_myplugin_something&quot;</span><span class="p">,</span> <span class="s2">&quot;somevalue&quot;</span><span class="p">)</span>
<span class="kr">if</span> <span class="ow">not</span> <span class="n">value</span> <span class="kr">then</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;can&#39;t save plugin_myplugin_something into datastore : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<span class="kr">else</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;successfully saved plugin_myplugin_something into datastore into datastore&quot;</span><span class="p">)</span>
<span class="kr">end</span>
</code></pre></div>
<p>Check if an IP address is global :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-21-1" name="__codelineno-21-1" href="#__codelineno-21-1"></a><span class="kd">local</span> <span class="n">ret</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">utils</span><span class="p">.</span><span class="n">ip_is_global</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span><span class="p">)</span>
<a id="__codelineno-21-2" name="__codelineno-21-2" href="#__codelineno-21-2"></a><span class="kr">if</span> <span class="n">ret</span> <span class="o">==</span> <span class="kc">nil</span> <span class="kr">then</span>
<a id="__codelineno-21-3" name="__codelineno-21-3" href="#__codelineno-21-3"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;error while checking if IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is global or not : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<a id="__codelineno-21-4" name="__codelineno-21-4" href="#__codelineno-21-4"></a><span class="kr">elseif</span> <span class="ow">not</span> <span class="n">ret</span> <span class="kr">then</span>
<a id="__codelineno-21-5" name="__codelineno-21-5" href="#__codelineno-21-5"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is not global&quot;</span><span class="p">)</span>
<a id="__codelineno-21-6" name="__codelineno-21-6" href="#__codelineno-21-6"></a><span class="kr">else</span>
<a id="__codelineno-21-7" name="__codelineno-21-7" href="#__codelineno-21-7"></a> <span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is global&quot;</span><span class="p">)</span>
<a id="__codelineno-21-8" name="__codelineno-21-8" href="#__codelineno-21-8"></a><span class="kr">end</span>
<div class="highlight"><pre><span></span><code><span class="kd">local</span> <span class="n">ret</span><span class="p">,</span> <span class="n">err</span> <span class="o">=</span> <span class="n">utils</span><span class="p">.</span><span class="n">ip_is_global</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span><span class="p">)</span>
<span class="kr">if</span> <span class="n">ret</span> <span class="o">==</span> <span class="kc">nil</span> <span class="kr">then</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">ERR</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;error while checking if IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is global or not : &quot;</span> <span class="o">..</span> <span class="n">err</span><span class="p">)</span>
<span class="kr">elseif</span> <span class="ow">not</span> <span class="n">ret</span> <span class="kr">then</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is not global&quot;</span><span class="p">)</span>
<span class="kr">else</span>
<span class="n">logger</span><span class="p">.</span><span class="n">log</span><span class="p">(</span><span class="n">ngx</span><span class="p">.</span><span class="n">NOTICE</span><span class="p">,</span> <span class="s2">&quot;MYPLUGIN&quot;</span><span class="p">,</span> <span class="s2">&quot;IP &quot;</span> <span class="o">..</span> <span class="n">ngx</span><span class="p">.</span><span class="n">var</span><span class="p">.</span><span class="n">remote_addr</span> <span class="o">..</span> <span class="s2">&quot; is global&quot;</span><span class="p">)</span>
<span class="kr">end</span>
</code></pre></div>
<div class="admonition tip">
<p class="admonition-title">More examples</p>
@ -1216,7 +1216,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

1604
1.4/quickstart-guide/index.html
View File

File diff suppressed because it is too large Load Diff

2
1.4/search/search_index.json
View File

File diff suppressed because one or more lines are too long

86
1.4/security-tuning/index.html
View File

@ -700,6 +700,26 @@ documentation for the current version.
Authentication
</a>
<nav class="md-nav" aria-label="Authentication">
<ul class="md-nav__list">
<li class="md-nav__item">
<a href="#auth-basic" class="md-nav__link">
Auth basic
</a>
</li>
<li class="md-nav__item">
<a href="#auth-request" class="md-nav__link">
Auth request
</a>
</li>
</ul>
</nav>
</li>
</ul>
@ -1039,18 +1059,18 @@ documentation for the current version.
<li>modsec : after the OWASP Core Rule Set is loaded (also used if CRS is not loaded)</li>
</ul>
<p>For example, you can add a custom configuration with type <code>modsec-crs</code> to add CRS exclusions :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>SecAction \
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a> &quot;id:900130,\
<a id="__codelineno-0-3" name="__codelineno-0-3" href="#__codelineno-0-3"></a> phase:1,\
<a id="__codelineno-0-4" name="__codelineno-0-4" href="#__codelineno-0-4"></a> nolog,\
<a id="__codelineno-0-5" name="__codelineno-0-5" href="#__codelineno-0-5"></a> pass,\
<a id="__codelineno-0-6" name="__codelineno-0-6" href="#__codelineno-0-6"></a> t:none,\
<a id="__codelineno-0-7" name="__codelineno-0-7" href="#__codelineno-0-7"></a> setvar:tx.crs_exclusions_wordpress=1&quot;
<div class="highlight"><pre><span></span><code>SecAction \
&quot;id:900130,\
phase:1,\
nolog,\
pass,\
t:none,\
setvar:tx.crs_exclusions_wordpress=1&quot;
</code></pre></div>
<p>You can also add a custom configuration with type <code>modsec</code> to update loaded CRS rules :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>SecRule REQUEST_FILENAME &quot;/wp-admin/admin-ajax.php&quot; &quot;id:1,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-rce&quot;
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a>SecRule REQUEST_FILENAME &quot;/wp-admin/options.php&quot; &quot;id:2,ctl:ruleRemoveByTag=attack-xss&quot;
<a id="__codelineno-1-3" name="__codelineno-1-3" href="#__codelineno-1-3"></a>SecRule REQUEST_FILENAME &quot;^/wp-json/yoast&quot; &quot;id:3,ctl:ruleRemoveById=930120&quot;
<div class="highlight"><pre><span></span><code>SecRule REQUEST_FILENAME &quot;/wp-admin/admin-ajax.php&quot; &quot;id:1,ctl:ruleRemoveByTag=attack-xss,ctl:ruleRemoveByTag=attack-rce&quot;
SecRule REQUEST_FILENAME &quot;/wp-admin/options.php&quot; &quot;id:2,ctl:ruleRemoveByTag=attack-xss&quot;
SecRule REQUEST_FILENAME &quot;^/wp-json/yoast&quot; &quot;id:3,ctl:ruleRemoveById=930120&quot;
</code></pre></div>
<h2 id="bad-behavior">Bad behavior</h2>
<p>When attackers search for and/or exploit vulnerabilities they might generate some "suspicious" HTTP status codes that a "regular" user wont generate within a period of time. If we detect that kind of behavior we can ban the offending IP address and force the attacker to come up with a new one.</p>
@ -1408,6 +1428,7 @@ documentation for the current version.
</table>
<p>Using both country blacklist and whitelist at the same time makes no sense. If you do please note that only the whitelist will be executed.</p>
<h2 id="authentication">Authentication</h2>
<h3 id="auth-basic">Auth basic</h3>
<p>You can quickly protect sensitive resources like the admin area for example by requiring HTTP basic authentication. Here is the list of related settings :</p>
<table>
<thead>
@ -1429,21 +1450,58 @@ documentation for the current version.
<td align="left">Location (URL) of the sensitive resource. Use special value <code>sitewide</code> to enable everywhere.</td>
</tr>
<tr>
<td align="center"><code>USE_AUTH_BASIC_USER</code></td>
<td align="center"><code>AUTH_BASIC_USER</code></td>
<td align="center"><code>changeme</code></td>
<td align="left">The username required.</td>
</tr>
<tr>
<td align="center"><code>USE_AUTH_BASIC_PASSWORD</code></td>
<td align="center"><code>AUTH_BASIC_PASSWORD</code></td>
<td align="center"><code>changeme</code></td>
<td align="left">The password required.</td>
</tr>
<tr>
<td align="center"><code>USE_AUTH_BASIC_TEXT</code></td>
<td align="center"><code>AUTH_BASIC_TEXT</code></td>
<td align="center"><code>Restricted area</code></td>
<td align="left">Text to display in the auth prompt.</td>
</tr>
</tbody>
</table>
<h3 id="auth-request">Auth request</h3>
<p>You can deploy complex authentification (e.g. SSO), by using the auth request settings (see <a href="https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-subrequest-authentication/">here</a> for more information on the feature). Please note that you will find <a href="https://www.authelia.com/">Authelia</a> and <a href="https://goauthentik.io/">Authentik</a> examples in the <a href="https://github.com/bunkerity/bunkerweb/tree/master/examples">repository</a>.</p>
<p><strong>Auth request settings are related to reverse proxy rules.</strong></p>
<table>
<thead>
<tr>
<th>Setting</th>
<th>Default</th>
<th>Context</th>
<th>Multiple</th>
<th>Description</th>
</tr>
</thead>
<tbody>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>Enable authentication using an external provider (value of auth_request directive).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>Redirect clients to signin URL when using REVERSE_PROXY_AUTH_REQUEST (used when auth_request call returned 401).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST_SET</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>List of variables to set from the authentication provider, separated with ; (values of auth_request_set directives).</td>
</tr>
</tbody>
</table>
@ -1549,7 +1607,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

53
1.4/settings/index.html
View File

@ -2030,7 +2030,14 @@ documentation for the current version.
<td></td>
<td>multisite</td>
<td>yes</td>
<td>List of HTTP headers to send to proxied resource.</td>
<td>List of HTTP headers to send to proxied resource separated with ; (values for proxy_set_header directive).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_HEADERS_CLIENT</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>List of HTTP headers to send to client separated with ; (values for add_header directive).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_BUFFERING</code></td>
@ -2047,6 +2054,27 @@ documentation for the current version.
<td>Enable or disable keepalive connections with the proxied resource.</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>Enable authentication using an external provider (value of auth_request directive).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST_SIGNIN_URL</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>Redirect clients to signin URL when using REVERSE_PROXY_AUTH_REQUEST (used when auth_request call returned 401).</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_AUTH_REQUEST_SET</code></td>
<td></td>
<td>multisite</td>
<td>yes</td>
<td>List of variables to set from the authentication provider, separated with ; (values of auth_request_set directives).</td>
</tr>
<tr>
<td><code>USE_PROXY_CACHE</code></td>
<td><code>no</code></td>
<td>multisite</td>
@ -2116,6 +2144,27 @@ documentation for the current version.
<td>no</td>
<td>Conditions to bypass caching of responses.</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_CONNECT_TIMEOUT</code></td>
<td><code>60s</code></td>
<td>multisite</td>
<td>yes</td>
<td>Timeout when connecting to the proxied resource.</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_READ_TIMEOUT</code></td>
<td><code>60s</code></td>
<td>multisite</td>
<td>yes</td>
<td>Timeout when reading from the proxied resource.</td>
</tr>
<tr>
<td><code>REVERSE_PROXY_SEND_TIMEOUT</code></td>
<td><code>60s</code></td>
<td>multisite</td>
<td>yes</td>
<td>Timeout when sending to the proxied resource.</td>
</tr>
</tbody>
</table>
<h3 id="self-signed-certificate">Self-signed certificate</h3>
@ -2376,7 +2425,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

22
1.4/sitemap.xml
View File

@ -2,57 +2,57 @@
<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<url>
<loc>https://docs.bunkerweb.io/1.4/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/about/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/concepts/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/integrations/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/migrating/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/plugins/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/quickstart-guide/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/security-tuning/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/settings/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/troubleshooting/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
<url>
<loc>https://docs.bunkerweb.io/1.4/web-ui/</loc>
<lastmod>2022-06-06</lastmod>
<lastmod>2022-06-16</lastmod>
<changefreq>daily</changefreq>
</url>
</urlset>

BIN
1.4/sitemap.xml.gz
View File

Binary file not shown.

189
1.4/troubleshooting/index.html
View File

@ -644,60 +644,63 @@ documentation for the current version.
<div class="admonition tip">
<p class="admonition-title">List containers</p>
<p>To list the running containers you can use the following command :
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>docker ps
<div class="highlight"><pre><span></span><code>docker ps
</code></pre></div></p>
</div>
<p>You can use the <code>docker logs</code> command (replace <code>mybunker</code> with the name of your container) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>docker logs mybunker
<div class="highlight"><pre><span></span><code>docker logs mybunker
</code></pre></div></p>
<p>Here is the docker-compose equivalent (replace <code>mybunker</code> with the name of the services declared in the docker-compose.yml file) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a>docker-compose logs mybunker
<div class="highlight"><pre><span></span><code>docker-compose logs mybunker
</code></pre></div></p>
</div>
<div class="tabbed-block">
<div class="admonition tip">
<p class="admonition-title">List containers</p>
<p>To list the running containers you can use the following command :
<div class="highlight"><pre><span></span><code><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a>docker ps
<div class="highlight"><pre><span></span><code>docker ps
</code></pre></div></p>
</div>
<p>You can use the <code>docker logs</code> command (replace <code>mybunker</code> and <code>myautoconf</code> with the name of your containers) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a>docker logs mybunker
<a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a>docker logs myautoconf
<div class="highlight"><pre><span></span><code>docker logs mybunker
docker logs myautoconf
</code></pre></div></p>
<p>Here is the docker-compose equivalent (replace <code>mybunker</code> and <code>myautoconf</code> with the name of the services declared in the docker-compose.yml file) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a>docker-compose logs mybunker
<a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a>docker-compose logs myautoconf
<div class="highlight"><pre><span></span><code>docker-compose logs mybunker
docker-compose logs myautoconf
</code></pre></div></p>
</div>
<div class="tabbed-block">
<div class="admonition tip">
<p class="admonition-title">List services</p>
<p>To list the services you can use the following command :
<div class="highlight"><pre><span></span><code><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a>docker service ls
<div class="highlight"><pre><span></span><code>docker service ls
</code></pre></div></p>
</div>
<p>You can use the <code>docker service logs</code> command (replace <code>mybunker</code> and <code>myautoconf</code> my with the name of your services) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a>docker service logs mybunker
<a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a>docker service logs myautoconf
<div class="highlight"><pre><span></span><code>docker service logs mybunker
docker service logs myautoconf
</code></pre></div></p>
</div>
<div class="tabbed-block">
<div class="admonition tip">
<p class="admonition-title">List pods</p>
<p>To list the pods you can use the following command :
<div class="highlight"><pre><span></span><code><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>kubectl get pods
<div class="highlight"><pre><span></span><code>kubectl get pods
</code></pre></div></p>
</div>
<p>You can use the <code>kubectl logs</code> command (replace <code>mybunker</code> and <code>myautoconf</code> my with the name of your pods) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a>kubectl logs mybunker
<a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a>kubectl logs myautoconf
<div class="highlight"><pre><span></span><code>kubectl logs mybunker
kubectl logs myautoconf
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>The logs are located inside the <code>/var/log/nginx</code> directory. There is two files :
<div class="highlight"><pre><span></span><code><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a>cat /var/log/nginx/error.log
<a id="__codelineno-10-2" name="__codelineno-10-2" href="#__codelineno-10-2"></a>cat /var/log/nginx/access.log
<p>For errors related to BunkerWeb services (e.g. not starting), you can use <code>journalctl</code> :
<div class="highlight"><pre><span></span><code>journalctl -u bunkerweb --no-pager
</code></pre></div></p>
<p>Common logs are located inside the <code>/var/log/nginx</code> directory :
<div class="highlight"><pre><span></span><code>cat /var/log/nginx/error.log
cat /var/log/nginx/access.log
</code></pre></div></p>
</div>
</div>
@ -712,74 +715,74 @@ documentation for the current version.
<li>the default threshold for anomaly score is 5 for requests and 4 for responses</li>
</ul>
<p>Let's take the following logs as an example of ModSecurity detection using default configuration (formatted for better readability) :</p>
<div class="highlight"><pre><span></span><code><a id="__codelineno-11-1" name="__codelineno-11-1" href="#__codelineno-11-1"></a>2022/04/26 12:01:10 [warn] 85#85: *11 ModSecurity: Warning. Matched &quot;Operator `PmFromFile&#39; with parameter `lfi-os-files.data&#39; against variable `ARGS:id&#39; (Value: `/etc/passwd&#39; )
<a id="__codelineno-11-2" name="__codelineno-11-2" href="#__codelineno-11-2"></a> [file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf&quot;]
<a id="__codelineno-11-3" name="__codelineno-11-3" href="#__codelineno-11-3"></a> [line &quot;78&quot;]
<a id="__codelineno-11-4" name="__codelineno-11-4" href="#__codelineno-11-4"></a> [id &quot;930120&quot;]
<a id="__codelineno-11-5" name="__codelineno-11-5" href="#__codelineno-11-5"></a> [rev &quot;&quot;]
<a id="__codelineno-11-6" name="__codelineno-11-6" href="#__codelineno-11-6"></a> [msg &quot;OS File Access Attempt&quot;]
<a id="__codelineno-11-7" name="__codelineno-11-7" href="#__codelineno-11-7"></a> [data &quot;Matched Data: etc/passwd found within ARGS:id: /etc/passwd&quot;]
<a id="__codelineno-11-8" name="__codelineno-11-8" href="#__codelineno-11-8"></a> [severity &quot;2&quot;]
<a id="__codelineno-11-9" name="__codelineno-11-9" href="#__codelineno-11-9"></a> [ver &quot;OWASP_CRS/3.3.2&quot;]
<a id="__codelineno-11-10" name="__codelineno-11-10" href="#__codelineno-11-10"></a> [maturity &quot;0&quot;]
<a id="__codelineno-11-11" name="__codelineno-11-11" href="#__codelineno-11-11"></a> [accuracy &quot;0&quot;]
<a id="__codelineno-11-12" name="__codelineno-11-12" href="#__codelineno-11-12"></a> [tag &quot;application-multi&quot;]
<a id="__codelineno-11-13" name="__codelineno-11-13" href="#__codelineno-11-13"></a> [tag &quot;language-multi&quot;]
<a id="__codelineno-11-14" name="__codelineno-11-14" href="#__codelineno-11-14"></a> [tag &quot;platform-multi&quot;]
<a id="__codelineno-11-15" name="__codelineno-11-15" href="#__codelineno-11-15"></a> [tag &quot;attack-lfi&quot;]
<a id="__codelineno-11-16" name="__codelineno-11-16" href="#__codelineno-11-16"></a> [tag &quot;paranoia-level/1&quot;]
<a id="__codelineno-11-17" name="__codelineno-11-17" href="#__codelineno-11-17"></a> [tag &quot;OWASP_CRS&quot;]
<a id="__codelineno-11-18" name="__codelineno-11-18" href="#__codelineno-11-18"></a> [tag &quot;capec/1000/255/153/126&quot;]
<a id="__codelineno-11-19" name="__codelineno-11-19" href="#__codelineno-11-19"></a> [tag &quot;PCI/6.5.4&quot;]
<a id="__codelineno-11-20" name="__codelineno-11-20" href="#__codelineno-11-20"></a> [hostname &quot;172.17.0.2&quot;]
<a id="__codelineno-11-21" name="__codelineno-11-21" href="#__codelineno-11-21"></a> [uri &quot;/&quot;]
<a id="__codelineno-11-22" name="__codelineno-11-22" href="#__codelineno-11-22"></a> [unique_id &quot;165097447014.179282&quot;]
<a id="__codelineno-11-23" name="__codelineno-11-23" href="#__codelineno-11-23"></a> [ref &quot;o1,10v9,11t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin,t:lowercase&quot;],
<a id="__codelineno-11-24" name="__codelineno-11-24" href="#__codelineno-11-24"></a> client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
<a id="__codelineno-11-25" name="__codelineno-11-25" href="#__codelineno-11-25"></a>2022/04/26 12:01:10 [warn] 85#85: *11 ModSecurity: Warning. Matched &quot;Operator `PmFromFile&#39; with parameter `unix-shell.data&#39; against variable `ARGS:id&#39; (Value: `/etc/passwd&#39; )
<a id="__codelineno-11-26" name="__codelineno-11-26" href="#__codelineno-11-26"></a> [file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf&quot;]
<a id="__codelineno-11-27" name="__codelineno-11-27" href="#__codelineno-11-27"></a> [line &quot;480&quot;]
<a id="__codelineno-11-28" name="__codelineno-11-28" href="#__codelineno-11-28"></a> [id &quot;932160&quot;]
<a id="__codelineno-11-29" name="__codelineno-11-29" href="#__codelineno-11-29"></a> [rev &quot;&quot;]
<a id="__codelineno-11-30" name="__codelineno-11-30" href="#__codelineno-11-30"></a> [msg &quot;Remote Command Execution: Unix Shell Code Found&quot;]
<a id="__codelineno-11-31" name="__codelineno-11-31" href="#__codelineno-11-31"></a> [data &quot;Matched Data: etc/passwd found within ARGS:id: /etc/passwd&quot;]
<a id="__codelineno-11-32" name="__codelineno-11-32" href="#__codelineno-11-32"></a> [severity &quot;2&quot;]
<a id="__codelineno-11-33" name="__codelineno-11-33" href="#__codelineno-11-33"></a> [ver &quot;OWASP_CRS/3.3.2&quot;]
<a id="__codelineno-11-34" name="__codelineno-11-34" href="#__codelineno-11-34"></a> [maturity &quot;0&quot;]
<a id="__codelineno-11-35" name="__codelineno-11-35" href="#__codelineno-11-35"></a> [accuracy &quot;0&quot;]
<a id="__codelineno-11-36" name="__codelineno-11-36" href="#__codelineno-11-36"></a> [tag &quot;application-multi&quot;]
<a id="__codelineno-11-37" name="__codelineno-11-37" href="#__codelineno-11-37"></a> [tag &quot;language-shell&quot;]
<a id="__codelineno-11-38" name="__codelineno-11-38" href="#__codelineno-11-38"></a> [tag &quot;platform-unix&quot;]
<a id="__codelineno-11-39" name="__codelineno-11-39" href="#__codelineno-11-39"></a> [tag &quot;attack-rce&quot;]
<a id="__codelineno-11-40" name="__codelineno-11-40" href="#__codelineno-11-40"></a> [tag &quot;paranoia-level/1&quot;]
<a id="__codelineno-11-41" name="__codelineno-11-41" href="#__codelineno-11-41"></a> [tag &quot;OWASP_CRS&quot;]
<a id="__codelineno-11-42" name="__codelineno-11-42" href="#__codelineno-11-42"></a> [tag &quot;capec/1000/152/248/88&quot;]
<a id="__codelineno-11-43" name="__codelineno-11-43" href="#__codelineno-11-43"></a> [tag &quot;PCI/6.5.2&quot;]
<a id="__codelineno-11-44" name="__codelineno-11-44" href="#__codelineno-11-44"></a> [hostname &quot;172.17.0.2&quot;]
<a id="__codelineno-11-45" name="__codelineno-11-45" href="#__codelineno-11-45"></a> [uri &quot;/&quot;]
<a id="__codelineno-11-46" name="__codelineno-11-46" href="#__codelineno-11-46"></a> [unique_id &quot;165097447014.179282&quot;]
<a id="__codelineno-11-47" name="__codelineno-11-47" href="#__codelineno-11-47"></a> [ref &quot;o1,10v9,11t:urlDecodeUni,t:cmdLine,t:normalizePath,t:lowercase&quot;],
<a id="__codelineno-11-48" name="__codelineno-11-48" href="#__codelineno-11-48"></a> client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
<a id="__codelineno-11-49" name="__codelineno-11-49" href="#__codelineno-11-49"></a>2022/04/26 12:01:10 [error] 85#85: *11 [client 172.17.0.1] ModSecurity: Access denied with code 403 (phase 2). Matched &quot;Operator `Ge&#39; with parameter `5&#39; against variable `TX:ANOMALY_SCORE&#39; (Value: `10&#39; )
<a id="__codelineno-11-50" name="__codelineno-11-50" href="#__codelineno-11-50"></a> [file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-949-BLOCKING-EVALUATION.conf&quot;]
<a id="__codelineno-11-51" name="__codelineno-11-51" href="#__codelineno-11-51"></a> [line &quot;80&quot;]
<a id="__codelineno-11-52" name="__codelineno-11-52" href="#__codelineno-11-52"></a> [id &quot;949110&quot;]
<a id="__codelineno-11-53" name="__codelineno-11-53" href="#__codelineno-11-53"></a> [rev &quot;&quot;]
<a id="__codelineno-11-54" name="__codelineno-11-54" href="#__codelineno-11-54"></a> [msg &quot;Inbound Anomaly Score Exceeded (Total Score: 10)&quot;]
<a id="__codelineno-11-55" name="__codelineno-11-55" href="#__codelineno-11-55"></a> [data &quot;&quot;]
<a id="__codelineno-11-56" name="__codelineno-11-56" href="#__codelineno-11-56"></a> [severity &quot;2&quot;]
<a id="__codelineno-11-57" name="__codelineno-11-57" href="#__codelineno-11-57"></a> [ver &quot;OWASP_CRS/3.3.2&quot;]
<a id="__codelineno-11-58" name="__codelineno-11-58" href="#__codelineno-11-58"></a> [maturity &quot;0&quot;]
<a id="__codelineno-11-59" name="__codelineno-11-59" href="#__codelineno-11-59"></a> [accuracy &quot;0&quot;]
<a id="__codelineno-11-60" name="__codelineno-11-60" href="#__codelineno-11-60"></a> [tag &quot;application-multi&quot;]
<a id="__codelineno-11-61" name="__codelineno-11-61" href="#__codelineno-11-61"></a> [tag &quot;language-multi&quot;]
<a id="__codelineno-11-62" name="__codelineno-11-62" href="#__codelineno-11-62"></a> [tag &quot;platform-multi&quot;]
<a id="__codelineno-11-63" name="__codelineno-11-63" href="#__codelineno-11-63"></a> [tag &quot;attack-generic&quot;]
<a id="__codelineno-11-64" name="__codelineno-11-64" href="#__codelineno-11-64"></a> [hostname &quot;172.17.0.2&quot;]
<a id="__codelineno-11-65" name="__codelineno-11-65" href="#__codelineno-11-65"></a> [uri &quot;/&quot;]
<a id="__codelineno-11-66" name="__codelineno-11-66" href="#__codelineno-11-66"></a> [unique_id &quot;165097447014.179282&quot;]
<a id="__codelineno-11-67" name="__codelineno-11-67" href="#__codelineno-11-67"></a> [ref &quot;&quot;],
<a id="__codelineno-11-68" name="__codelineno-11-68" href="#__codelineno-11-68"></a> client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
<div class="highlight"><pre><span></span><code>2022/04/26 12:01:10 [warn] 85#85: *11 ModSecurity: Warning. Matched &quot;Operator `PmFromFile&#39; with parameter `lfi-os-files.data&#39; against variable `ARGS:id&#39; (Value: `/etc/passwd&#39; )
[file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf&quot;]
[line &quot;78&quot;]
[id &quot;930120&quot;]
[rev &quot;&quot;]
[msg &quot;OS File Access Attempt&quot;]
[data &quot;Matched Data: etc/passwd found within ARGS:id: /etc/passwd&quot;]
[severity &quot;2&quot;]
[ver &quot;OWASP_CRS/3.3.2&quot;]
[maturity &quot;0&quot;]
[accuracy &quot;0&quot;]
[tag &quot;application-multi&quot;]
[tag &quot;language-multi&quot;]
[tag &quot;platform-multi&quot;]
[tag &quot;attack-lfi&quot;]
[tag &quot;paranoia-level/1&quot;]
[tag &quot;OWASP_CRS&quot;]
[tag &quot;capec/1000/255/153/126&quot;]
[tag &quot;PCI/6.5.4&quot;]
[hostname &quot;172.17.0.2&quot;]
[uri &quot;/&quot;]
[unique_id &quot;165097447014.179282&quot;]
[ref &quot;o1,10v9,11t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin,t:lowercase&quot;],
client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
2022/04/26 12:01:10 [warn] 85#85: *11 ModSecurity: Warning. Matched &quot;Operator `PmFromFile&#39; with parameter `unix-shell.data&#39; against variable `ARGS:id&#39; (Value: `/etc/passwd&#39; )
[file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf&quot;]
[line &quot;480&quot;]
[id &quot;932160&quot;]
[rev &quot;&quot;]
[msg &quot;Remote Command Execution: Unix Shell Code Found&quot;]
[data &quot;Matched Data: etc/passwd found within ARGS:id: /etc/passwd&quot;]
[severity &quot;2&quot;]
[ver &quot;OWASP_CRS/3.3.2&quot;]
[maturity &quot;0&quot;]
[accuracy &quot;0&quot;]
[tag &quot;application-multi&quot;]
[tag &quot;language-shell&quot;]
[tag &quot;platform-unix&quot;]
[tag &quot;attack-rce&quot;]
[tag &quot;paranoia-level/1&quot;]
[tag &quot;OWASP_CRS&quot;]
[tag &quot;capec/1000/152/248/88&quot;]
[tag &quot;PCI/6.5.2&quot;]
[hostname &quot;172.17.0.2&quot;]
[uri &quot;/&quot;]
[unique_id &quot;165097447014.179282&quot;]
[ref &quot;o1,10v9,11t:urlDecodeUni,t:cmdLine,t:normalizePath,t:lowercase&quot;],
client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
2022/04/26 12:01:10 [error] 85#85: *11 [client 172.17.0.1] ModSecurity: Access denied with code 403 (phase 2). Matched &quot;Operator `Ge&#39; with parameter `5&#39; against variable `TX:ANOMALY_SCORE&#39; (Value: `10&#39; )
[file &quot;/opt/bunkerweb/core/modsecurity/files/coreruleset/rules/REQUEST-949-BLOCKING-EVALUATION.conf&quot;]
[line &quot;80&quot;]
[id &quot;949110&quot;]
[rev &quot;&quot;]
[msg &quot;Inbound Anomaly Score Exceeded (Total Score: 10)&quot;]
[data &quot;&quot;]
[severity &quot;2&quot;]
[ver &quot;OWASP_CRS/3.3.2&quot;]
[maturity &quot;0&quot;]
[accuracy &quot;0&quot;]
[tag &quot;application-multi&quot;]
[tag &quot;language-multi&quot;]
[tag &quot;platform-multi&quot;]
[tag &quot;attack-generic&quot;]
[hostname &quot;172.17.0.2&quot;]
[uri &quot;/&quot;]
[unique_id &quot;165097447014.179282&quot;]
[ref &quot;&quot;],
client: 172.17.0.1, server: localhost, request: &quot;GET /?id=/etc/passwd HTTP/1.1&quot;, host: &quot;localhost&quot;
</code></pre></div>
<p>As we can see there are 3 different logs :</p>
<ol>
@ -797,33 +800,33 @@ documentation for the current version.
<div class="tabbed-content">
<div class="tabbed-block">
<p>You can use the <code>docker exec</code> command (replace <code>mybunker</code> with the name of your container) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-12-1" name="__codelineno-12-1" href="#__codelineno-12-1"></a>docker <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>docker <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
<p>Here is the docker-compose equivalent (replace <code>mybunker</code> with the name of the services declared in the docker-compose.yml file) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-13-1" name="__codelineno-13-1" href="#__codelineno-13-1"></a>docker-compose <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>docker-compose <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>You can use the <code>docker exec</code> command (replace <code>mya</code> with the name of your container) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-14-1" name="__codelineno-14-1" href="#__codelineno-14-1"></a>docker <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>docker <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
<p>Here is the docker-compose equivalent (replace <code>mybunker</code> with the name of the services declared in the docker-compose.yml file) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-15-1" name="__codelineno-15-1" href="#__codelineno-15-1"></a>docker-compose <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>docker-compose <span class="nb">exec</span> mybunker bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>You can use the <code>docker exec</code> command (replace <code>myautoconf</code> with the name of your service) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-16-1" name="__codelineno-16-1" href="#__codelineno-16-1"></a>docker <span class="nb">exec</span> <span class="k">$(</span>docker ps -q -f <span class="nv">name</span><span class="o">=</span>myautoconf<span class="k">)</span> bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>docker <span class="nb">exec</span> <span class="k">$(</span>docker ps -q -f <span class="nv">name</span><span class="o">=</span>myautoconf<span class="k">)</span> bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>You can use the <code>kubectl exec</code> command (replace <code>myautoconf</code> with the name of your pod) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-17-1" name="__codelineno-17-1" href="#__codelineno-17-1"></a>kubectl <span class="nb">exec</span> myautoconf bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>kubectl <span class="nb">exec</span> myautoconf bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>You can use the <code>bwcli</code> command :
<div class="highlight"><pre><span></span><code><a id="__codelineno-18-1" name="__codelineno-18-1" href="#__codelineno-18-1"></a>bwcli unban <span class="m">1</span>.2.3.4
<div class="highlight"><pre><span></span><code>bwcli unban <span class="m">1</span>.2.3.4
</code></pre></div></p>
</div>
</div>
@ -939,7 +942,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>

248
1.4/web-ui/index.html
View File

@ -660,33 +660,33 @@ documentation for the current version.
<div class="tabbed-block">
<p>When using the <a href="/1.4/integrations/#docker">Docker integration</a>, we recommend you to connect the BunkerWeb and web UI using a dedicated network and use another dedicated network for the communications between BunkerWeb and your web applications. The web UI can be deployed using a dedicated container based on the <a href="https://hub.docker.com/r/bunkerity/bunkerweb-ui">bunkerweb-ui image</a>.</p>
<p>Let's start by creating the networks (replace 10.20.30.0/24 with an unused network of your choice) :
<div class="highlight"><pre><span></span><code><a id="__codelineno-0-1" name="__codelineno-0-1" href="#__codelineno-0-1"></a>docker network create --subnet <span class="m">10</span>.20.30.0/24 bw-ui <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-0-2" name="__codelineno-0-2" href="#__codelineno-0-2"></a>docker network create bw-services
<div class="highlight"><pre><span></span><code>docker network create --subnet <span class="m">10</span>.20.30.0/24 bw-ui <span class="o">&amp;&amp;</span> <span class="se">\</span>
docker network create bw-services
</code></pre></div></p>
<p>You will also need two volumes, one for the BunkerWeb data and another one to share the configuration files between the web UI and BunkerWeb :
<div class="highlight"><pre><span></span><code><a id="__codelineno-1-1" name="__codelineno-1-1" href="#__codelineno-1-1"></a>docker volume create bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-1-2" name="__codelineno-1-2" href="#__codelineno-1-2"></a>docker volume create bw-confs
<div class="highlight"><pre><span></span><code>docker volume create bw-data <span class="o">&amp;&amp;</span> <span class="se">\</span>
docker volume create bw-confs
</code></pre></div></p>
<p>You can now create the BunkerWeb container with specific settings and volumes related to the web UI, please note the special <code>bunkerweb.UI</code> label which is mandatory :
<div class="highlight"><pre><span></span><code><a id="__codelineno-2-1" name="__codelineno-2-1" href="#__codelineno-2-1"></a>docker run -d <span class="se">\</span>
<a id="__codelineno-2-2" name="__codelineno-2-2" href="#__codelineno-2-2"></a> --name mybunker
<a id="__codelineno-2-3" name="__codelineno-2-3" href="#__codelineno-2-3"></a> --network bw-services <span class="se">\</span>
<a id="__codelineno-2-4" name="__codelineno-2-4" href="#__codelineno-2-4"></a> -p <span class="m">80</span>:8080 <span class="se">\</span>
<a id="__codelineno-2-5" name="__codelineno-2-5" href="#__codelineno-2-5"></a> -p <span class="m">443</span>:8443 <span class="se">\</span>
<a id="__codelineno-2-6" name="__codelineno-2-6" href="#__codelineno-2-6"></a> -v bw-data:/data <span class="se">\</span>
<a id="__codelineno-2-7" name="__codelineno-2-7" href="#__codelineno-2-7"></a> -v bw-confs:/etc/nginx <span class="se">\</span>
<a id="__codelineno-2-8" name="__codelineno-2-8" href="#__codelineno-2-8"></a> -e <span class="nv">SERVER_NAME</span><span class="o">=</span>bwadm.example.com <span class="se">\</span>
<a id="__codelineno-2-9" name="__codelineno-2-9" href="#__codelineno-2-9"></a> -e <span class="nv">MULTISITE</span><span class="o">=</span>yes <span class="se">\</span>
<a id="__codelineno-2-10" name="__codelineno-2-10" href="#__codelineno-2-10"></a> -e <span class="s2">&quot;API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24&quot;</span> <span class="se">\</span>
<a id="__codelineno-2-11" name="__codelineno-2-11" href="#__codelineno-2-11"></a> -e bwadm.example.com_USE_UI<span class="o">=</span>yes <span class="se">\</span>
<a id="__codelineno-2-12" name="__codelineno-2-12" href="#__codelineno-2-12"></a> -e bwadm.example.com_USE_REVERSE_PROXY<span class="o">=</span>yes <span class="se">\</span>
<a id="__codelineno-2-13" name="__codelineno-2-13" href="#__codelineno-2-13"></a> -e bwadm.example.com_REVERSE_PROXY_URL<span class="o">=</span>/changeme <span class="se">\</span>
<a id="__codelineno-2-14" name="__codelineno-2-14" href="#__codelineno-2-14"></a> -e bwadm.example.com_REVERSE_PROXY_HOST<span class="o">=</span>http://myui:7000 <span class="se">\</span>
<a id="__codelineno-2-15" name="__codelineno-2-15" href="#__codelineno-2-15"></a> -e <span class="s2">&quot;bwadm.example.com_REVERSE_PROXY_HEADER=X-Script-Name /changeme&quot;</span> <span class="se">\</span>
<a id="__codelineno-2-16" name="__codelineno-2-16" href="#__codelineno-2-16"></a> -e bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS<span class="o">=</span>no <span class="se">\</span>
<a id="__codelineno-2-17" name="__codelineno-2-17" href="#__codelineno-2-17"></a> -l bunkerweb.UI <span class="se">\</span>
<a id="__codelineno-2-18" name="__codelineno-2-18" href="#__codelineno-2-18"></a> bunkerity/bunkerweb:1.4.0 <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-2-19" name="__codelineno-2-19" href="#__codelineno-2-19"></a>docker network connect bw-ui mybunker
<div class="highlight"><pre><span></span><code>docker run -d <span class="se">\</span>
--name mybunker
--network bw-services <span class="se">\</span>
-p <span class="m">80</span>:8080 <span class="se">\</span>
-p <span class="m">443</span>:8443 <span class="se">\</span>
-v bw-data:/data <span class="se">\</span>
-v bw-confs:/etc/nginx <span class="se">\</span>
-e <span class="nv">SERVER_NAME</span><span class="o">=</span>bwadm.example.com <span class="se">\</span>
-e <span class="nv">MULTISITE</span><span class="o">=</span>yes <span class="se">\</span>
-e <span class="s2">&quot;API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24&quot;</span> <span class="se">\</span>
-e bwadm.example.com_USE_UI<span class="o">=</span>yes <span class="se">\</span>
-e bwadm.example.com_USE_REVERSE_PROXY<span class="o">=</span>yes <span class="se">\</span>
-e bwadm.example.com_REVERSE_PROXY_URL<span class="o">=</span>/changeme <span class="se">\</span>
-e bwadm.example.com_REVERSE_PROXY_HOST<span class="o">=</span>http://myui:7000 <span class="se">\</span>
-e <span class="s2">&quot;bwadm.example.com_REVERSE_PROXY_HEADER=X-Script-Name /changeme&quot;</span> <span class="se">\</span>
-e bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS<span class="o">=</span>no <span class="se">\</span>
-l bunkerweb.UI <span class="se">\</span>
bunkerity/bunkerweb:1.4.1 <span class="o">&amp;&amp;</span> <span class="se">\</span>
docker network connect bw-ui mybunker
</code></pre></div></p>
<p>Important things to note :</p>
<ul>
@ -697,28 +697,28 @@ documentation for the current version.
</ul>
<p>The web UI will need to access the Docker API in order to get metadata about the running containers. It can be done easily by mounting the <strong>docker.sock</strong> file into the container. But there is a security risk : if the web UI is exploited, all your container(s) and the host will be impacted because, at the moment, Docker doesn't provide any restriction feature. We highly recommend using something like a <a href="https://github.com/Tecnativa/docker-socket-proxy">docker socket proxy</a> to mitigate that risk (only a subset of read-only API endpoints will be available to the web UI container).</p>
<p>To connect the docker socket proxy and the web UI, you will need another network :
<div class="highlight"><pre><span></span><code><a id="__codelineno-3-1" name="__codelineno-3-1" href="#__codelineno-3-1"></a>docker network create bw-docker
<div class="highlight"><pre><span></span><code>docker network create bw-docker
</code></pre></div></p>
<p>Once the network is created, you can now create the docker socket proxy container :
<div class="highlight"><pre><span></span><code><a id="__codelineno-4-1" name="__codelineno-4-1" href="#__codelineno-4-1"></a>docker run -d <span class="se">\</span>
<a id="__codelineno-4-2" name="__codelineno-4-2" href="#__codelineno-4-2"></a> --name mydocker <span class="se">\</span>
<a id="__codelineno-4-3" name="__codelineno-4-3" href="#__codelineno-4-3"></a> --network bw-docker <span class="se">\</span>
<a id="__codelineno-4-4" name="__codelineno-4-4" href="#__codelineno-4-4"></a> --privileged <span class="se">\</span>
<a id="__codelineno-4-5" name="__codelineno-4-5" href="#__codelineno-4-5"></a> -v /var/run/docker.sock:/var/run/docker.sock:ro <span class="se">\</span>
<a id="__codelineno-4-6" name="__codelineno-4-6" href="#__codelineno-4-6"></a> tecnativa/docker-socket-proxy
<div class="highlight"><pre><span></span><code>docker run -d <span class="se">\</span>
--name mydocker <span class="se">\</span>
--network bw-docker <span class="se">\</span>
--privileged <span class="se">\</span>
-v /var/run/docker.sock:/var/run/docker.sock:ro <span class="se">\</span>
tecnativa/docker-socket-proxy
</code></pre></div></p>
<p>We can finally create the web UI container :
<div class="highlight"><pre><span></span><code><a id="__codelineno-5-1" name="__codelineno-5-1" href="#__codelineno-5-1"></a>docker run -d <span class="se">\</span>
<a id="__codelineno-5-2" name="__codelineno-5-2" href="#__codelineno-5-2"></a> --name myui <span class="se">\</span>
<a id="__codelineno-5-3" name="__codelineno-5-3" href="#__codelineno-5-3"></a> --network bw-ui <span class="se">\</span>
<a id="__codelineno-5-4" name="__codelineno-5-4" href="#__codelineno-5-4"></a> -v bw-data:/data <span class="se">\</span>
<a id="__codelineno-5-5" name="__codelineno-5-5" href="#__codelineno-5-5"></a> -v bw-confs:/etc/nginx <span class="se">\</span>
<a id="__codelineno-5-6" name="__codelineno-5-6" href="#__codelineno-5-6"></a> -e <span class="nv">DOCKER_HOST</span><span class="o">=</span>tcp://mydocker:2375 <span class="se">\</span>
<a id="__codelineno-5-7" name="__codelineno-5-7" href="#__codelineno-5-7"></a> -e <span class="nv">ADMIN_USERNAME</span><span class="o">=</span>admin <span class="se">\</span>
<a id="__codelineno-5-8" name="__codelineno-5-8" href="#__codelineno-5-8"></a> -e <span class="nv">ADMIN_PASSWORD</span><span class="o">=</span>changeme <span class="se">\</span>
<a id="__codelineno-5-9" name="__codelineno-5-9" href="#__codelineno-5-9"></a> -e <span class="nv">ABSOLUTE_URI</span><span class="o">=</span>http<span class="o">(</span>s<span class="o">)</span>://bwadm.example.com/changeme/
<a id="__codelineno-5-10" name="__codelineno-5-10" href="#__codelineno-5-10"></a> bunkerity/bunkerweb-ui:1.4.0 <span class="o">&amp;&amp;</span> <span class="se">\</span>
<a id="__codelineno-5-11" name="__codelineno-5-11" href="#__codelineno-5-11"></a>docker network connect bw-docker myui
<div class="highlight"><pre><span></span><code>docker run -d <span class="se">\</span>
--name myui <span class="se">\</span>
--network bw-ui <span class="se">\</span>
-v bw-data:/data <span class="se">\</span>
-v bw-confs:/etc/nginx <span class="se">\</span>
-e <span class="nv">DOCKER_HOST</span><span class="o">=</span>tcp://mydocker:2375 <span class="se">\</span>
-e <span class="nv">ADMIN_USERNAME</span><span class="o">=</span>admin <span class="se">\</span>
-e <span class="nv">ADMIN_PASSWORD</span><span class="o">=</span>changeme <span class="se">\</span>
-e <span class="nv">ABSOLUTE_URI</span><span class="o">=</span>http<span class="o">(</span>s<span class="o">)</span>://bwadm.example.com/changeme/
bunkerity/bunkerweb-ui:1.4.1 <span class="o">&amp;&amp;</span> <span class="se">\</span>
docker network connect bw-docker myui
</code></pre></div></p>
<p>Important things to note :</p>
<ul>
@ -726,88 +726,88 @@ documentation for the current version.
<li>Replace the username <code>admin</code> and password <code>changeme</code> with strong ones</li>
</ul>
<p>Here is the docker-compose equivalent :
<div class="highlight"><pre><span></span><code><a id="__codelineno-6-1" name="__codelineno-6-1" href="#__codelineno-6-1"></a><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;3&#39;</span><span class="w"></span>
<a id="__codelineno-6-2" name="__codelineno-6-2" href="#__codelineno-6-2"></a>
<a id="__codelineno-6-3" name="__codelineno-6-3" href="#__codelineno-6-3"></a><span class="nt">services</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-4" name="__codelineno-6-4" href="#__codelineno-6-4"></a>
<a id="__codelineno-6-5" name="__codelineno-6-5" href="#__codelineno-6-5"></a><span class="w"> </span><span class="nt">mybunker</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-6" name="__codelineno-6-6" href="#__codelineno-6-6"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb:1.4.0</span><span class="w"></span>
<a id="__codelineno-6-7" name="__codelineno-6-7" href="#__codelineno-6-7"></a><span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-8" name="__codelineno-6-8" href="#__codelineno-6-8"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-services</span><span class="w"></span>
<a id="__codelineno-6-9" name="__codelineno-6-9" href="#__codelineno-6-9"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-ui</span><span class="w"></span>
<a id="__codelineno-6-10" name="__codelineno-6-10" href="#__codelineno-6-10"></a><span class="w"> </span><span class="nt">ports</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-11" name="__codelineno-6-11" href="#__codelineno-6-11"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">80:8080</span><span class="w"></span>
<a id="__codelineno-6-12" name="__codelineno-6-12" href="#__codelineno-6-12"></a><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-13" name="__codelineno-6-13" href="#__codelineno-6-13"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-data:/data</span><span class="w"></span>
<a id="__codelineno-6-14" name="__codelineno-6-14" href="#__codelineno-6-14"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-confs:/etc/nginx</span><span class="w"></span>
<a id="__codelineno-6-15" name="__codelineno-6-15" href="#__codelineno-6-15"></a><span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-16" name="__codelineno-6-16" href="#__codelineno-6-16"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SERVER_NAME=bwadm.example.com</span><span class="w"></span>
<a id="__codelineno-6-17" name="__codelineno-6-17" href="#__codelineno-6-17"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">MULTISITE=yes</span><span class="w"></span>
<a id="__codelineno-6-18" name="__codelineno-6-18" href="#__codelineno-6-18"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24</span><span class="w"></span>
<a id="__codelineno-6-19" name="__codelineno-6-19" href="#__codelineno-6-19"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_USE_UI=yes</span><span class="w"></span>
<a id="__codelineno-6-20" name="__codelineno-6-20" href="#__codelineno-6-20"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_USE_REVERSE_PROXY=yes</span><span class="w"></span>
<a id="__codelineno-6-21" name="__codelineno-6-21" href="#__codelineno-6-21"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_URL=/changeme/</span><span class="w"></span>
<a id="__codelineno-6-22" name="__codelineno-6-22" href="#__codelineno-6-22"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_HOST=http://myui:7000</span><span class="w"></span>
<a id="__codelineno-6-23" name="__codelineno-6-23" href="#__codelineno-6-23"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_HEADERS=X-Script-Name /changeme</span><span class="w"></span>
<a id="__codelineno-6-24" name="__codelineno-6-24" href="#__codelineno-6-24"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=no</span><span class="w"></span>
<a id="__codelineno-6-25" name="__codelineno-6-25" href="#__codelineno-6-25"></a><span class="w"> </span><span class="nt">labels</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-26" name="__codelineno-6-26" href="#__codelineno-6-26"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;bunkerweb.UI&quot;</span><span class="w"></span>
<a id="__codelineno-6-27" name="__codelineno-6-27" href="#__codelineno-6-27"></a>
<a id="__codelineno-6-28" name="__codelineno-6-28" href="#__codelineno-6-28"></a><span class="w"> </span><span class="nt">myui</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-29" name="__codelineno-6-29" href="#__codelineno-6-29"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb-ui:1.4.0</span><span class="w"></span>
<a id="__codelineno-6-30" name="__codelineno-6-30" href="#__codelineno-6-30"></a><span class="w"> </span><span class="nt">depends_on</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-31" name="__codelineno-6-31" href="#__codelineno-6-31"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mydocker</span><span class="w"></span>
<a id="__codelineno-6-32" name="__codelineno-6-32" href="#__codelineno-6-32"></a><span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-33" name="__codelineno-6-33" href="#__codelineno-6-33"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-ui</span><span class="w"></span>
<a id="__codelineno-6-34" name="__codelineno-6-34" href="#__codelineno-6-34"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-docker</span><span class="w"></span>
<a id="__codelineno-6-35" name="__codelineno-6-35" href="#__codelineno-6-35"></a><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-36" name="__codelineno-6-36" href="#__codelineno-6-36"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-data:/data</span><span class="w"></span>
<a id="__codelineno-6-37" name="__codelineno-6-37" href="#__codelineno-6-37"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-confs:/etc/nginx</span><span class="w"></span>
<a id="__codelineno-6-38" name="__codelineno-6-38" href="#__codelineno-6-38"></a><span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-39" name="__codelineno-6-39" href="#__codelineno-6-39"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DOCKER_HOST=tcp://mydocker:2375</span><span class="w"></span>
<a id="__codelineno-6-40" name="__codelineno-6-40" href="#__codelineno-6-40"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ADMIN_USERNAME=admin</span><span class="w"></span>
<a id="__codelineno-6-41" name="__codelineno-6-41" href="#__codelineno-6-41"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ADMIN_PASSWORD=changeme</span><span class="w"></span>
<a id="__codelineno-6-42" name="__codelineno-6-42" href="#__codelineno-6-42"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/</span><span class="w"></span>
<a id="__codelineno-6-43" name="__codelineno-6-43" href="#__codelineno-6-43"></a>
<a id="__codelineno-6-44" name="__codelineno-6-44" href="#__codelineno-6-44"></a><span class="w"> </span><span class="nt">mydocker</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-45" name="__codelineno-6-45" href="#__codelineno-6-45"></a><span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tecnativa/docker-socket-proxy</span><span class="w"></span>
<a id="__codelineno-6-46" name="__codelineno-6-46" href="#__codelineno-6-46"></a><span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-47" name="__codelineno-6-47" href="#__codelineno-6-47"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-docker</span><span class="w"></span>
<a id="__codelineno-6-48" name="__codelineno-6-48" href="#__codelineno-6-48"></a><span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-49" name="__codelineno-6-49" href="#__codelineno-6-49"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock:ro</span><span class="w"></span>
<a id="__codelineno-6-50" name="__codelineno-6-50" href="#__codelineno-6-50"></a>
<a id="__codelineno-6-51" name="__codelineno-6-51" href="#__codelineno-6-51"></a><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-52" name="__codelineno-6-52" href="#__codelineno-6-52"></a><span class="w"> </span><span class="nt">bw-services</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-53" name="__codelineno-6-53" href="#__codelineno-6-53"></a><span class="w"> </span><span class="nt">bw-ui</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-54" name="__codelineno-6-54" href="#__codelineno-6-54"></a><span class="w"> </span><span class="nt">ipam</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-55" name="__codelineno-6-55" href="#__codelineno-6-55"></a><span class="w"> </span><span class="nt">driver</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span><span class="w"></span>
<a id="__codelineno-6-56" name="__codelineno-6-56" href="#__codelineno-6-56"></a><span class="w"> </span><span class="nt">config</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-57" name="__codelineno-6-57" href="#__codelineno-6-57"></a><span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">subnet</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10.20.30.0/24</span><span class="w"></span>
<a id="__codelineno-6-58" name="__codelineno-6-58" href="#__codelineno-6-58"></a><span class="w"> </span><span class="nt">bw-docker</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-59" name="__codelineno-6-59" href="#__codelineno-6-59"></a>
<a id="__codelineno-6-60" name="__codelineno-6-60" href="#__codelineno-6-60"></a><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-61" name="__codelineno-6-61" href="#__codelineno-6-61"></a><span class="w"> </span><span class="nt">bw-data</span><span class="p">:</span><span class="w"></span>
<a id="__codelineno-6-62" name="__codelineno-6-62" href="#__codelineno-6-62"></a><span class="w"> </span><span class="nt">bw-confs</span><span class="p">:</span><span class="w"></span>
<div class="highlight"><pre><span></span><code><span class="nt">version</span><span class="p">:</span><span class="w"> </span><span class="s">&#39;3&#39;</span><span class="w"></span>
<span class="nt">services</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">mybunker</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb:1.4.1</span><span class="w"></span>
<span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-services</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-ui</span><span class="w"></span>
<span class="w"> </span><span class="nt">ports</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">80:8080</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-data:/data</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-confs:/etc/nginx</span><span class="w"></span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">SERVER_NAME=bwadm.example.com</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">MULTISITE=yes</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_USE_UI=yes</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_USE_REVERSE_PROXY=yes</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_URL=/changeme/</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_HOST=http://myui:7000</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_HEADERS=X-Script-Name /changeme</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=no</span><span class="w"></span>
<span class="w"> </span><span class="nt">labels</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="s">&quot;bunkerweb.UI&quot;</span><span class="w"></span>
<span class="w"> </span><span class="nt">myui</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bunkerity/bunkerweb-ui:1.4.1</span><span class="w"></span>
<span class="w"> </span><span class="nt">depends_on</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">mydocker</span><span class="w"></span>
<span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-ui</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-docker</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-data:/data</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-confs:/etc/nginx</span><span class="w"></span>
<span class="w"> </span><span class="nt">environment</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">DOCKER_HOST=tcp://mydocker:2375</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ADMIN_USERNAME=admin</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ADMIN_PASSWORD=changeme</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/</span><span class="w"></span>
<span class="w"> </span><span class="nt">mydocker</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">image</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">tecnativa/docker-socket-proxy</span><span class="w"></span>
<span class="w"> </span><span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">bw-docker</span><span class="w"></span>
<span class="w"> </span><span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">/var/run/docker.sock:/var/run/docker.sock:ro</span><span class="w"></span>
<span class="nt">networks</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">bw-services</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">bw-ui</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">ipam</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">driver</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">default</span><span class="w"></span>
<span class="w"> </span><span class="nt">config</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="p p-Indicator">-</span><span class="w"> </span><span class="nt">subnet</span><span class="p">:</span><span class="w"> </span><span class="l l-Scalar l-Scalar-Plain">10.20.30.0/24</span><span class="w"></span>
<span class="w"> </span><span class="nt">bw-docker</span><span class="p">:</span><span class="w"></span>
<span class="nt">volumes</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">bw-data</span><span class="p">:</span><span class="w"></span>
<span class="w"> </span><span class="nt">bw-confs</span><span class="p">:</span><span class="w"></span>
</code></pre></div></p>
</div>
<div class="tabbed-block">
<p>The installation of the web UI using the <a href="/1.4/integrations/#linux">Linux integration</a> is pretty straightforward because it is installed with BunkerWeb.</p>
<p>The first thing to do is to edit the BunkerWeb configuration located at <strong>/opt/bunkerweb/variables.env</strong> to add settings related to the web UI :
<div class="highlight"><pre><span></span><code><a id="__codelineno-7-1" name="__codelineno-7-1" href="#__codelineno-7-1"></a>HTTP_PORT=80
<a id="__codelineno-7-2" name="__codelineno-7-2" href="#__codelineno-7-2"></a>HTTPS_PORT=443
<a id="__codelineno-7-3" name="__codelineno-7-3" href="#__codelineno-7-3"></a>DNS_RESOLVERS=8.8.8.8 8.8.4.4
<a id="__codelineno-7-4" name="__codelineno-7-4" href="#__codelineno-7-4"></a>...
<a id="__codelineno-7-5" name="__codelineno-7-5" href="#__codelineno-7-5"></a>SERVER_NAME=bwadm.example.com
<a id="__codelineno-7-6" name="__codelineno-7-6" href="#__codelineno-7-6"></a>MULTISITE=yes
<a id="__codelineno-7-7" name="__codelineno-7-7" href="#__codelineno-7-7"></a>USE_API=yes
<a id="__codelineno-7-8" name="__codelineno-7-8" href="#__codelineno-7-8"></a>API_WHITELIST_IP=127.0.0.0/8
<a id="__codelineno-7-9" name="__codelineno-7-9" href="#__codelineno-7-9"></a>bwadm.example.com_USE_UI=yes
<a id="__codelineno-7-10" name="__codelineno-7-10" href="#__codelineno-7-10"></a>bwadm.example.com_USE_REVERSE_PROXY=yes
<a id="__codelineno-7-11" name="__codelineno-7-11" href="#__codelineno-7-11"></a>bwadm.example.com_REVERSE_PROXY_URL=/changeme
<a id="__codelineno-7-12" name="__codelineno-7-12" href="#__codelineno-7-12"></a>bwadm.example.com_REVERSE_PROXY_HOST=http://myui:7000
<a id="__codelineno-7-13" name="__codelineno-7-13" href="#__codelineno-7-13"></a>bwadm.example.com_REVERSE_PROXY_HEADER=X-Script-Name /changeme
<a id="__codelineno-7-14" name="__codelineno-7-14" href="#__codelineno-7-14"></a>bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=no
<a id="__codelineno-7-15" name="__codelineno-7-15" href="#__codelineno-7-15"></a>...
<div class="highlight"><pre><span></span><code>HTTP_PORT=80
HTTPS_PORT=443
DNS_RESOLVERS=8.8.8.8 8.8.4.4
...
SERVER_NAME=bwadm.example.com
MULTISITE=yes
USE_API=yes
API_WHITELIST_IP=127.0.0.0/8
bwadm.example.com_USE_UI=yes
bwadm.example.com_USE_REVERSE_PROXY=yes
bwadm.example.com_REVERSE_PROXY_URL=/changeme
bwadm.example.com_REVERSE_PROXY_HOST=http://myui:7000
bwadm.example.com_REVERSE_PROXY_HEADER=X-Script-Name /changeme
bwadm.example.com_REVERSE_PROXY_INTERCEPT_ERRORS=no
...
</code></pre></div></p>
<p>Important things to note :</p>
<ul>
@ -815,12 +815,12 @@ documentation for the current version.
<li>replace the <code>/changeme</code> URL with a custom one of your choice</li>
</ul>
<p>Once the configuration file is edited, you will need to reload BunkerWeb :
<div class="highlight"><pre><span></span><code><a id="__codelineno-8-1" name="__codelineno-8-1" href="#__codelineno-8-1"></a>systemctl reload bunkerweb
<div class="highlight"><pre><span></span><code>systemctl reload bunkerweb
</code></pre></div></p>
<p>You can edit the <strong>/opt/bunkerweb/ui.env</strong> file containing the settings of the web UI :
<div class="highlight"><pre><span></span><code><a id="__codelineno-9-1" name="__codelineno-9-1" href="#__codelineno-9-1"></a>ADMIN_USERNAME=admin
<a id="__codelineno-9-2" name="__codelineno-9-2" href="#__codelineno-9-2"></a>ADMIN_PASSWORD=changeme
<a id="__codelineno-9-3" name="__codelineno-9-3" href="#__codelineno-9-3"></a>ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/
<div class="highlight"><pre><span></span><code>ADMIN_USERNAME=admin
ADMIN_PASSWORD=changeme
ABSOLUTE_URI=http(s)://bwadm.example.com/changeme/
</code></pre></div></p>
<p>Important things to note :</p>
<ul>
@ -828,7 +828,7 @@ documentation for the current version.
<li>replace the username <code>admin</code> and password <code>changeme</code> with strong ones</li>
</ul>
<p>Restart the BunkerWeb UI service and you are now ready to access it :
<div class="highlight"><pre><span></span><code><a id="__codelineno-10-1" name="__codelineno-10-1" href="#__codelineno-10-1"></a>systemctl restart bunkerweb-ui
<div class="highlight"><pre><span></span><code>systemctl restart bunkerweb-ui
</code></pre></div></p>
</div>
</div>
@ -937,7 +937,7 @@ documentation for the current version.
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate", "content.code.annotate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script id="__config" type="application/json">{"base": "..", "features": ["navigation.tracking", "navigation.tabs", "navigation.tabs.sticky", "toc.integrate"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../assets/javascripts/workers/search.bd0b6b67.min.js", "version": {"provider": "mike", "version": "latest"}}</script>
<script src="../assets/javascripts/bundle.467223ff.min.js"></script>