search

bunkerity / bunkerweb

🛡️ Open-source and next-generation Web Application Firewall (WAF)
https://www.bunkerweb.io
GNU Affero General Public License v3.0
6.46k stars 363 forks source link

[BUG] UI config not being overridden by autoconf/scheduler #1302

Closed cocoonkid closed 1 month ago

cocoonkid commented 4 months ago

What happened?

I have set basic auth in bunkerweb docker compose from the .env

image

image: bunkerity/bunkerweb:1.5.8 image

and it works. But when I set it in another services like invidious: image

it still asks for auth. (EDIT: I fixed the typo there with bunkerweg is now bunkerweb)

I restarted & recreated all containers. Also deleted all bunkerweb volumes and fully reinitialized with 1.5.8 but it still does not work as expected.

What could the problem be ?

How to reproduce?

Set basic auth for multisite. It works as expected.

set the following in docker compose of other service as 

labels:
      - "bunkerweb.USE_LIMIT_CONN=no"
      - "bunkerweb.USE_LIMIT_REQ=no"
      - "bunkerweb.USE_ANTIBOT=no"
      - "bunkerweb.USE_AUTH_BASIC=no"

get ignored.

Configuration file(s) (yaml or .env)

No response

Relevant log output

No response

BunkerWeb version

1.5.8

What integration are you using?

Docker

Linux distribution (if applicable)

Ubuntu 24.04

Removed private data

Code of Conduct

cocoonkid commented 4 months ago

I found the problem. As it looks I had basic auth set in the bunkerweb admin UI. I must have done that literally years ago :-) So I would recommend that a check get's added that will log an Info out like:

Basic Auth env var for service  {servicename }is configured differently from your Bunkerweb UI settings. Please make sure this is what you want.

or any env var always overrides the UI settings. Or they autocorrect accordingly ? does this make sense ?

TheophileDiot commented 4 months ago

Hi @cocoonkid, thank you for opening this issue, I'll have a look and let you know !

TheophileDiot commented 4 months ago

I couldn't reproduce the issue, did you restarted your service correctly ?

docker compose -f myfile.yml down
docker compose -f myfile.yml up
cocoonkid commented 3 months ago

Hi, sorry for taking time to reply.

I found this happens to all 1.5.7 that I updated to 1.5.8. The webui settings suddenly overrode the settings from the compose file.

With 1.5.9 it seems to be ok again. Will verify soon and report back.

TheophileDiot commented 3 months ago

Hi @cocoonkid, thank you for the update !

cocoonkid commented 1 month ago

Yes this seem to be working. Sorry for the late reply.