Integrations
Docker
Using BunkerWeb as a Docker container is a quick and easy way to test and use it as long as you are familiar with the Docker technology.
We provide ready-to-use prebuilt images for x64, x86 armv8 and armv7 architectures on Docker Hub :
docker pull bunkerity/bunkerweb:1.4.8
Alternatively, you can build the Docker images directly from the source (and get a coffee ☕ because it may take a long time depending on your hardware) :
git clone https://github.com/bunkerity/bunkerweb.git && \
cd bunkerweb && \
docker build -t my-bunkerweb .
BunkerWeb container's usage and configuration are based on :
- Environment variables to configure BunkerWeb and meet your use cases
- Volume to cache important data and mount custom configuration files
- Networks to expose ports for clients and connect to upstream web services
Environment variables
Settings are passed to BunkerWeb using Docker environment variables. You can use the -e flag :
docker run \
...
-e MY_SETTING=value \
-e "MY_OTHER_SETTING=value with spaces" \
...
bunkerity/bunkerweb:1.4.8
Here is the docker-compose equivalent :
...
services:
mybunker:
image: bunkerity/bunkerweb:1.4.8
environment:
- MY_SETTING=value
Full list
For the complete list of environment variables, see the settings section of the documentation.
Volume
A volume is used to share data with BunkerWeb and store persistent data like certificates, cached files, ...
The easiest way of managing the volume is by using a named one. You will first need to create it :
docker volume create bw_data
Once it's created, you will be able to mount it on /data when running the container :
docker run \
...
-v bw_data:/data \
...
bunkerity/bunkerweb:1.4.8
Here is the docker-compose equivalent :
...
services:
mybunker:
image: bunkerity/bunkerweb:1.4.8
volumes:
- bw_data:/data
...
volumes:
bw_data:
Using local folder for persistent data
BunkerWeb runs as an unprivileged user with UID 101 and GID 101 inside the container. The reason behind this is security : in case a vulnerability is exploited, the attacker won't have full root (UID/GID 0) privileges. But there is a downside : if you use a local folder for the persistent data, you will need to set the correct permissions so the unprivileged user can write data to it. Something like that should do the trick :
mkdir bw-data && \
chown root:101 bw-data && \
chmod 770 bw-data
Alternatively, if the folder already exists :
chown -R root:101 bw-data && \
chmod -R 770 bw-data
If you are using Docker in rootless mode or podman, UIDs and GIDs in the container will be mapped to different ones in the host. You will first need to check your initial subuid and subgid :
grep ^$(whoami): /etc/subuid && \
grep ^$(whoami): /etc/subgid
For example, if you have a value of 100000, the mapped UID/GID will be 100100 (100000 + 100) :
mkdir bw-data && \
sudo chgrp 100100 bw-data && \
chmod 770 bw-data
Or if the folder already exists :
sudo chgrp -R 100100 bw-data && \
chmod -R 770 bw-data
Networks
By default, BunkerWeb container is listening (inside the container) on 8080/tcp for HTTP and 8443/tcp for HTTPS.
Privileged ports in rootless mode or when using podman
If you are using Docker in rootless mode and want to redirect privileged ports (< 1024) like 80 and 443 to BunkerWeb, please refer to the prerequisites here.
If you are using podman you can lower the minimum number for unprivileged ports :
sudo sysctl net.ipv4.ip_unprivileged_port_start=1
The easiest way to connect BunkerWeb to web applications is by using Docker networks.
First of all, you will need to create a network :
docker network create mynetwork
Once it's created, you will need to connect the container to that network :
docker run \
...
--network mynetwork \
...
bunkerity/bunkerweb:1.4.8
You will also need to do the same with your web application(s). Please note that the other containers are accessible using their name as the hostname.
Here is the docker-compose equivalent :
...
services:
mybunker:
image: bunkerity/bunkerweb:1.4.8
networks:
- bw-net
...
networks:
bw-net:
Docker autoconf
Docker integration
The Docker autoconf integration is an "evolution" of the Docker one. Please read the Docker integration section first if needed.
The downside of using environment variables is that the container needs to be recreated each time there is an update which is not very convenient. To counter that issue, you can use another image called autoconf which will listen for Docker events and automatically reconfigure BunkerWeb in real-time without recreating the container.
Instead of defining environment variables for the BunkerWeb container, you simply add labels to your web applications containers and the autoconf will "automagically" take care of the rest.
Multisite mode
The Docker autoconf integration implies the use of multisite mode. Please refer to the multisite section of the documentation for more information.
First of all, you will need to create the data volume :
docker volume create bw-data
Then, you can create two networks (replace 10.20.30.0/24 with an unused subnet of your choice) :
docker network create --subnet 10.20.30.0/24 bw-autoconf && \
docker network create bw-services
- One for communication between BunkerWeb and autoconf
- Another one for communication between BunkerWeb and web applications
You can now create the BunkerWeb container with the AUTOCONF_MODE=yes setting and the bunkerweb.AUTOCONF label (replace 10.20.30.0/24 with the subnet specified before) :
docker run \
-d \
--name mybunker \
--network bw-autoconf \
-p 80:8080 \
-p 443:8443 \
-e AUTOCONF_MODE=yes \
-e MULTISITE=yes \
-e SERVER_NAME= \
-e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \
-l bunkerweb.AUTOCONF \
bunkerity/bunkerweb:1.4.8 && \
docker network connect bw-services mybunker
Using Docker in rootless mode
If you are using Docker in rootless mode, you will need to replace the mount of the docker socket with the following value : $XDG_RUNTIME_DIR/docker.sock:/var/run/docker.sock:ro.
And the autoconf one :
docker run \
-d \
--name myautoconf \
--network bw-autoconf \
-v bw-data:/data \
-v /var/run/docker.sock:/var/run/docker.sock:ro \
bunkerity/bunkerweb-autoconf:1.4.8
Here is the docker-compose equivalent for the BunkerWeb autoconf stack :
version: '3.5'
services:
mybunker:
image: bunkerity/bunkerweb:1.4.8
ports:
- 80:8080
- 443:8443
environment:
- AUTOCONF_MODE=yes
- MULTISITE=yes
- SERVER_NAME=
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
labels:
- "bunkerweb.AUTOCONF"
networks:
- bw-autoconf
- bw-services
myautoconf:
image: bunkerity/bunkerweb-autoconf:1.4.8
volumes:
- bw-data:/data
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- bw-autoconf
volumes:
bw-data:
networks:
bw-autoconf:
ipam:
driver: default
config:
- subnet: 10.20.30.0/24
bw-services:
name: bw-services
Once the stack is set up, you will be able to create the web application container and add the settings as labels using the "bunkerweb." prefix in order to automatically set up BunkerWeb :
docker run \
-d \
--name myapp \
--network bw-services \
-l bunkerweb.MY_SETTING_1=value1 \
-l bunkerweb.MY_SETTING_2=value2 \
...
mywebapp:4.2
Here is the docker-compose equivalent :
...
services:
myapp:
image: mywebapp:4.2
networks:
bw-services:
aliases:
- myapp
labels:
- "bunkerweb.MY_SETTING_1=value1"
- "bunkerweb.MY_SETTING_2=value2"
...
networks:
bw-services:
external:
name: bw-services
...
Swarm
Docker autoconf
The Docker autoconf integration is similar to the Docker autoconf one (but with services instead of containers). Please read the Docker autoconf integration section first if needed.
To automatically configure BunkerWeb instances, a special service called autoconf, will be scheduled on a manager node. That service will listen for Docker Swarm events like service creation or deletion and automatically configure the BunkerWeb instances in real-time without downtime.
Like the Docker autoconf integration, configuration for web services is defined by using labels starting with the special bunkerweb. prefix.
The recommended setup is to schedule the BunkerWeb service as a global service on all worker nodes and the autoconf service as a single replicated service on a manager node.
First of all, you will need to create two networks (replace 10.20.30.0/24 with an unused subnet of your choice) :
docker network create -d overlay --attachable --subnet 10.20.30.0/24 bw-autoconf && \
docker network create -d overlay --attachable bw-services
- One for communication between BunkerWeb and autoconf
- Another one for communication between BunkerWeb and web applications
You can now create the BunkerWeb service (replace 10.20.30.0/24 with the subnet specified before) :
docker service create \
--name mybunker \
--mode global \
--constraint node.role==worker \
--network bw-autoconf \
--network bw-services \
-p published=80,target=8080,mode=host \
-p published=443,target=8443,mode=host \
-e SWARM_MODE=yes \
-e SERVER_NAME= \
-e MULTISITE=yes \
-e "API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24" \
-l bunkerweb.AUTOCONF \
bunkerity/bunkerweb:1.4.8
And the autoconf one :
docker service \
create \
--name myautoconf \
--constraint node.role==manager \
--network bw-autoconf \
--mount type=bind,source=/var/run/docker.sock,destination=/var/run/docker.sock,ro \
--mount type=volume,source=bw-data,destination=/data \
-e SWARM_MODE=yes \
bunkerity/bunkerweb-autoconf:1.4.8
Here is the docker-compose equivalent (using docker stack deploy) :
version: '3.5'
services:
mybunker:
image: bunkerity/bunkerweb:1.4.8
ports:
- published: 80
target: 8080
mode: host
protocol: tcp
- published: 443
target: 8443
mode: host
protocol: tcp
environment:
- SWARM_MODE=yes
- SERVER_NAME=
- MULTISITE=yes
- API_WHITELIST_IP=127.0.0.0/8 10.20.30.0/24
networks:
- bw-autoconf
- bw-services
deploy:
mode: global
placement:
constraints:
- "node.role==worker"
labels:
- "bunkerweb.AUTOCONF"
myautoconf:
image: bunkerity/bunkerweb-autoconf:1.4.8
environment:
- SWARM_MODE=yes
volumes:
- bw-data:/data
- /var/run/docker.sock:/var/run/docker.sock:ro
networks:
- bw-autoconf
deploy:
replicas: 1
placement:
constraints:
- "node.role==manager"
networks:
bw-autoconf:
driver: overlay
attachable: true
name: bw-autoconf
ipam:
config:
- subnet: 10.20.30.0/24
bw-services:
driver: overlay
attachable: true
name: bw-services
volumes:
bw-data:
Once the BunkerWeb Swarm stack is set up and running (see autoconf logs for more information), you will be able to deploy web applications in the cluster and use labels to dynamically configure BunkerWeb :
docker service \
create \
--name myapp \
--network bw-services \
-l bunkerweb.MY_SETTING_1=value1 \
-l bunkerweb.MY_SETTING_2=value2 \
...
mywebapp:4.2
Here is the docker-compose equivalent (using docker stack deploy) :
...
services:
myapp:
image: mywebapp:4.2
networks:
- bw-services
deploy:
placement:
constraints:
- "node.role==worker"
labels:
- "bunkerweb.MY_SETTING_1=value1"
- "bunkerweb.MY_SETTING_2=value2"
...
networks:
bw-services:
external:
name: bw-services
Kubernetes
The autoconf acts as an Ingress controller and will configure the BunkerWeb instances according to the Ingress resources. It also monitors other Kubernetes objects like ConfigMap for custom configurations.
The first step to install BunkerWeb on a Kubernetes cluster is to add a role and permissions on the cluster for the autoconf :
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cr-bunkerweb
rules:
- apiGroups: [""]
resources: ["services", "pods", "configmaps"]
verbs: ["get", "watch", "list"]
- apiGroups: ["networking.k8s.io"]
resources: ["ingresses"]
verbs: ["get", "watch", "list"]
---
apiVersion: v1
kind: ServiceAccount
metadata:
name: sa-bunkerweb
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRoleBinding
metadata:
name: crb-bunkerweb
subjects:
- kind: ServiceAccount
name: sa-bunkerweb
namespace: default
apiGroup: ""
roleRef:
kind: ClusterRole
name: cr-bunkerweb
apiGroup: rbac.authorization.k8s.io
The recommended way of deploying BunkerWeb is using a DaemonSet which means each node in the cluster will run an instance of BunkerWeb :
apiVersion: apps/v1
kind: DaemonSet
metadata:
name: bunkerweb
spec:
selector:
matchLabels:
app: bunkerweb
template:
metadata:
labels:
app: bunkerweb
# mandatory annotation
annotations:
bunkerweb.io/AUTOCONF: "yes"
spec:
containers:
- name: bunkerweb
image: bunkerity/bunkerweb
securityContext:
runAsUser: 101
runAsGroup: 101
allowPrivilegeEscalation: false
capabilities:
drop:
- ALL
ports:
- containerPort: 8080
hostPort: 80
- containerPort: 8443
hostPort: 443
env:
- name: KUBERNETES_MODE
value: "yes"
# replace with your DNS resolvers
# e.g. : kube-dns.kube-system.svc.cluster.local
- name: DNS_RESOLVERS
value: "coredns.kube-system.svc.cluster.local"
- name: USE_API
value: "yes"
# 10.0.0.0/8 is the cluster internal subnet
- name: API_WHITELIST_IP
value: "127.0.0.0/8 10.0.0.0/8"
- name: SERVER_NAME
value: ""
- name: MULTISITE
value: "yes"
livenessProbe:
exec:
command:
- /opt/bunkerweb/helpers/healthcheck.sh
initialDelaySeconds: 30
periodSeconds: 5
timeoutSeconds: 1
failureThreshold: 3
readinessProbe:
exec:
command:
- /opt/bunkerweb/helpers/healthcheck.sh
initialDelaySeconds: 30
periodSeconds: 1
timeoutSeconds: 1
failureThreshold: 3
---
apiVersion: v1
kind: Service
metadata:
name: svc-bunkerweb
spec:
clusterIP: None
selector:
app: bunkerweb
In order to store persistent data, you will need a PersistentVolumeClaim :
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: pvc-bunkerweb
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 5Gi
Now, you can start the autoconf as a single replica Deployment :
apiVersion: apps/v1
kind: Deployment
metadata:
name: bunkerweb-controller
spec:
replicas: 1
strategy:
type: Recreate
selector:
matchLabels:
app: bunkerweb-controller
template:
metadata:
labels:
app: bunkerweb-controller
spec:
serviceAccountName: sa-bunkerweb
volumes:
- name: vol-bunkerweb
persistentVolumeClaim:
claimName: pvc-bunkerweb
containers:
- name: bunkerweb-controller
image: bunkerity/bunkerweb-autoconf
imagePullPolicy: Always
env:
- name: KUBERNETES_MODE
value: "yes"
volumeMounts:
- name: vol-bunkerweb
mountPath: /data
Once the BunkerWeb Kubernetes stack is set up and running (see autoconf logs for more information), you will be able to deploy web applications in the cluster and declare your Ingress resource. Please note that settings need to be set as annotations for the Ingress resource with the special value bunkerweb.io for the domain part :
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: ingress
annotations:
bunkerweb.io/MY_SETTING_1: "value1"
bunkerweb.io/MY_SETTING_2: "value2"
spec:
rules:
...
Linux
List of supported Linux distros :
- Debian 11 "Bullseye"
- Ubuntu 22.04 "Jammy"
- Fedora 36
- CentOS Stream 8
Please note that you will need to install NGINX 1.20.2 before BunkerWeb. For all distros, except Fedora, using prebuilt packages from official NGINX repository is mandatory. Compiling NGINX from source or using packages from different repositories won't work with the official prebuilt packages of BunkerWeb but you can build it from source.
Repositories of Linux packages for BunkerWeb are available on PackageCloud. They provide a bash script to add and trust the repository automatically (but you can also follow the manual installation instructions if you prefer).
The first step is to add NGINX official repository :
sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring && \
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/debian `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.list
You should now be able to install NGINX 1.20.2 :
sudo apt update && \
sudo apt install -y nginx=1.20.2-1~$(lsb_release -cs)
And finally install BunkerWeb 1.4.8 :
curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \
sudo apt update && \
sudo apt install -y bunkerweb=1.4.8
To prevent upgrading NGINX and/or BunkerWeb packages when executing apt upgrade, you can use the following command :
sudo apt-mark hold nginx bunkerweb
The first step is to add NGINX official repository :
sudo apt install -y curl gnupg2 ca-certificates lsb-release ubuntu-keyring && \
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.list
You should now be able to install NGINX 1.20.2 :
sudo apt update && \
sudo apt install -y nginx=1.20.2-1~jammy
And finally install BunkerWeb 1.4.8 :
curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.deb.sh | sudo bash && \
sudo apt update && \
sudo apt install -y bunkerweb=1.4.8
To prevent upgrading NGINX and/or BunkerWeb packages when executing apt upgrade, you can use the following command :
sudo apt-mark hold nginx bunkerweb
Fedora already provides NGINX 1.20.2 that we support :
sudo dnf install -y nginx-1.20.2
And finally install BunkerWeb 1.4.8 :
curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | \
sed 's/yum install -y pygpgme --disablerepo='\''bunkerity_bunkerweb'\''/yum install -y python-gnupg/g' | \
sed 's/pypgpme_check=`rpm -qa | grep -qw pygpgme`/python-gnupg_check=`rpm -qa | grep -qw python-gnupg`/g' | sudo bash && \
sudo dnf makecache && \
sudo dnf install -y bunkerweb-1.4.8
To prevent upgrading NGINX and/or BunkerWeb packages when executing dnf upgrade, you can use the following command :
sudo dnf versionlock add nginx && \
sudo dnf versionlock add bunkerweb
The first step is to add NGINX official repository. Create the following file at /etc/yum.repos.d/nginx.repo :
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key
module_hotfixes=true
You should now be able to install NGINX 1.20.2 :
sudo dnf install nginx-1.20.2
And finally install BunkerWeb 1.4.8 :
dnf install -y epel-release && \
curl -s https://packagecloud.io/install/repositories/bunkerity/bunkerweb/script.rpm.sh | sudo bash && \
sudo dnf check-update && \
sudo dnf install -y bunkerweb-1.4.8
To prevent upgrading NGINX and/or BunkerWeb packages when executing dnf upgrade, you can use the following command :
sudo dnf versionlock add nginx && \
sudo dnf versionlock add bunkerweb
The first step is to install NGINX 1.20.2 using the repository of your choice or by compiling it from source.
The target installation folder of BunkerWeb is located at /opt/bunkerweb, let's create it :
mkdir /opt/bunkerweb
You can now clone the BunkerWeb project to the /tmp folder :
https://github.com/bunkerity/bunkerweb.git /tmp/bunkerweb
BunkerWeb needs some dependencies to be compiled and installed to /opt/bunkerweb/deps, the easiest way to do it is by executing the install.sh helper script (please note that you will need to install additional packages which is not covered in this procedure and depends on your own system) :
mkdir /opt/bunkerweb/deps && \
/tmp/bunkerweb/deps/install.sh
Additional Python dependencies needs to be installed into the /opt/bunkerweb/deps/python folder :
mkdir /opt/bunkerweb/deps/python && \
pip install --no-cache-dir --require-hashes --target /opt/bunkerweb/deps/python -r /tmp/bunkerweb/deps/requirements.txt && \
pip install --no-cache-dir --target /opt/bunkerweb/deps/python -r /tmp/bunkerweb/ui/requirements.txt
Once dependencies are installed, you will be able to copy the BunkerWeb sources to the target /opt/bunkerweb folder :
for src in api cli confs core gen helpers job lua misc utils ui settings.json VERSION linux/variables.env linux/ui.env linux/scripts ; do
cp -r /tmp/bunkerweb/${src} /opt/bunkerweb
done
cp /opt/bunkerweb/helpers/bwcli /usr/local/bin
Additional folders also need to be created :
mkdir /opt/bunkerweb/{configs,cache,plugins,tmp}
Permissions needs to be fixed :
find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type f -exec chmod 0740 {} \; && \
find /opt/bunkerweb -path /opt/bunkerweb/deps -prune -o -type d -exec chmod 0750 {} \; && \
find /opt/bunkerweb/core/*/jobs/* -type f -exec chmod 750 {} \; && \
chmod 770 /opt/bunkerweb/cache /opt/bunkerweb/tmp && \
chmod 750 /opt/bunkerweb/gen/main.py /opt/bunkerweb/job/main.py /opt/bunkerweb/cli/main.py /opt/bunkerweb/helpers/*.sh /opt/bunkerweb/scripts/*.sh /usr/local/bin/bwcli /opt/bunkerweb/ui/main.py && \
chown -R root:nginx /opt/bunkerweb
Last but not least, you will need to set up systemd unit files :
cp /tmp/bunkerweb/linux/*.service /etc/systemd/system && \
systemctl daemon-reload && \
systemctl stop nginx && \
systemctl disable nginx && \
systemctl enable bunkerweb && \
systemctl enable bunkerweb-ui
The configuration of BunkerWeb is done by editing the /opt/bunkerweb/variables.env file :
MY_SETTING_1=value1
MY_SETTING_2=value2
...
BunkerWeb is managed using systemctl :
- Check BunkerWeb status :
systemctl status bunkerweb - Start it if it's stopped :
systemctl start bunkerweb - Stop it if it's started :
systemctl stop bunkerweb - And restart :
systemctl restart bunkerweb
Ansible
List of supported Linux distros :
- Debian 11 "Bullseye"
- Ubuntu 22.04 "Jammy"
- Fedora 36
- CentOS Stream 8
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
A specific BunkerWeb Ansible role is available on Ansible Galaxy (source code is available here).
First of all, download the role from ansible-galaxy :
ansible-galaxy install bunkerity.bunkerweb
Next, create an inventory by adding the IP adress or FQDN of one or more remote systems, either in /etc/ansible/hosts or in your own playbook inventory.yml :
[mybunkers]
192.0.2.50
192.0.2.51
192.0.2.52
The next step we're going to set up is the SSH connection so Ansible can connect to the managed nodes. Add your public SSH keys to the authorized_keys file on each remote system and ensure you can successfully connect.
In order to use the role, we will create the playbook file named playbook.yml for example :
---
- hosts: all
become: true
roles:
- bunkerity.bunkerweb
Run the playbook :
ansible-playbook -i inventory.yml playbook.yml
Configuration of BunkerWeb is done by using specific role variables :
| Name | Type | Description | Default value |
|---|---|---|---|
bunkerweb_version |
string | Version of BunkerWeb to install. | 1.4.8 |
nginx_version |
string | Version of NGINX to install. | 1.20.2 |
freeze_versions |
boolean | Prevent upgrade of BunkerWeb and NGINX when performing packages upgrades. | true |
variables_env |
string | Path of the variables.env file to configure BunkerWeb. | files/variables.env |
enable_ui |
boolean | Activate the web UI. | false |
custom_ui |
string | Path of the ui.env file to configure the web UI. | files/ui.env |
custom_configs_path |
Dictionary | Each entry is a path of the folder containing custom configurations. Keys are the type of custom configs : http, server-http, modsec, modsec-crs and default-server-http |
empty values |
custom_www |
string | Path of the www directory to upload. | empty value |
custom_plugins |
string | Path of the plugins directory to upload. | empty value |
custom_www_owner |
string | Default owner for www files and folders. | nginx |
custom_www_group |
string | Default group for www files and folders. | nginx |