From 4c070ce72a2552626b5ddbc117c3af67bd8c8483 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 13:59:44 +0200 Subject: [PATCH 01/22] ref: change branch to dev for tests --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 709d0e4..78732ca 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -5,7 +5,7 @@ dest: "{{uashield_work_dir}}" accept_hostkey: true force: true - version: "master" + version: "0.0.x" - name: Run uashield shell: "docker-compose up -d --build --force-recreate" From f1b5c6d3cf1c0ad988994d490534b073b6f71ece Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 14:00:11 +0200 Subject: [PATCH 02/22] ref: change repo to dmpanch for tests --- tools/ansible/vars/vars.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/vars/vars.yaml b/tools/ansible/vars/vars.yaml index c28a41f..f7c35d9 100644 --- a/tools/ansible/vars/vars.yaml +++ b/tools/ansible/vars/vars.yaml @@ -10,5 +10,5 @@ docker_pip_executable: pip3 #Uashield -uashield_git_url: "https://github.com/opengs/uashield" +uashield_git_url: "https://github.com/dmpanch/uashield" uashield_work_dir: /root/uashield/ From d96e193a32aa8a445ed9cd5b34a63c93ee0fc391 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:23:32 +0200 Subject: [PATCH 03/22] ref: disabled proxy --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index 52e137c..1d227ad 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -6,7 +6,7 @@ services: container_name: uashield environment: WORKERS: '256' - USEPROXY: 'true' + USEPROXY: 'false' networks: - shield From cbda8fe260af865b4b04c49b1bd0c5f952a4b5da Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:24:20 +0200 Subject: [PATCH 04/22] ref: changed branch to master --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 78732ca..709d0e4 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -5,7 +5,7 @@ dest: "{{uashield_work_dir}}" accept_hostkey: true force: true - version: "0.0.x" + version: "master" - name: Run uashield shell: "docker-compose up -d --build --force-recreate" From a6c4c8fb3511c16b14dab2da7d871124d5fd0bea Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:32:28 +0200 Subject: [PATCH 05/22] ref: added --no-cache option to the docker-compose --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 709d0e4..35d77dc 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -8,7 +8,7 @@ version: "master" - name: Run uashield - shell: "docker-compose up -d --build --force-recreate" + shell: "docker-compose up -d --build --force-recreate --no-cache" args: chdir: "{{uashield_work_dir}}" From 79a23095a43cf3d62b8a7bb0440a5e2a96748f87 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:34:42 +0200 Subject: [PATCH 06/22] ref: added image name to the docker-compose --- docker-compose.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docker-compose.yml b/docker-compose.yml index 1d227ad..bffde06 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -4,6 +4,7 @@ services: build: . restart: always container_name: uashield + image: uashield:latest environment: WORKERS: '256' USEPROXY: 'false' From 802253932daa5d976c79fc8eab0e3f87feb714e4 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:41:32 +0200 Subject: [PATCH 07/22] ref: added step for removing old uashield images and containers --- tools/ansible/roles/uashield/tasks/main.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 35d77dc..d640e76 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -7,6 +7,11 @@ force: true version: "master" +- name: Remove old uashield images and containers + shell: "docker container prune && docker image prune -a" + args: + chdir: "{{uashield_work_dir}}" + - name: Run uashield shell: "docker-compose up -d --build --force-recreate --no-cache" args: From 3f8d5b8dd784f17e66e995de7f954a71ab0da134 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:45:42 +0200 Subject: [PATCH 08/22] ref: added -f key for approving images/containers removing --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index d640e76..e2997f6 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -8,7 +8,7 @@ version: "master" - name: Remove old uashield images and containers - shell: "docker container prune && docker image prune -a" + shell: "docker container prune && docker image prune -a -f" args: chdir: "{{uashield_work_dir}}" From cdb6fe29f5f53f07c3455693a3bce9a7981cd87d Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 17:54:17 +0200 Subject: [PATCH 09/22] ref: replaced image/container prune command with system prune --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index e2997f6..97f8e71 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -8,7 +8,7 @@ version: "master" - name: Remove old uashield images and containers - shell: "docker container prune && docker image prune -a -f" + shell: "docker system prune -f" args: chdir: "{{uashield_work_dir}}" From 17637243a7c67aa627882e6d55a6edbec9eb54a0 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:00:42 +0200 Subject: [PATCH 10/22] ref: added check step if docker-compose installed ref: added step for stopping and removing all containers/images before installation --- tools/ansible/roles/docker/tasks/main.yml | 8 +++++++- tools/ansible/roles/uashield/tasks/main.yml | 7 ++++++- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/tools/ansible/roles/docker/tasks/main.yml b/tools/ansible/roles/docker/tasks/main.yml index dc9a632..6b64b68 100644 --- a/tools/ansible/roles/docker/tasks/main.yml +++ b/tools/ansible/roles/docker/tasks/main.yml @@ -24,12 +24,18 @@ state: started enabled: true +- name: Check if docker-compose is already present. + command: which docker-compose + failed_when: false + changed_when: false + register: docker_install_compose + - name: Install Docker Compose using Pip. pip: name: docker-compose state: present executable: "{{ docker_pip_executable }}" - when: docker_install_compose | bool + when: docker_install_compose.rc == 1 - name: Ensure docker users are added to the docker group. user: diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 97f8e71..e199bcb 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -7,8 +7,13 @@ force: true version: "master" +- name: Stop all containers + shell: "docker-compose down" + args: + chdir: "{{uashield_work_dir}}" + - name: Remove old uashield images and containers - shell: "docker system prune -f" + shell: "docker system prune --all --volumes --force" args: chdir: "{{uashield_work_dir}}" From 1e1d6c2fb0a58a21d0776641872ca2eefe3922a5 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:10:42 +0200 Subject: [PATCH 11/22] ref: removed build/no-cache/force-recreate keys --- tools/ansible/roles/uashield/tasks/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index e199bcb..5996086 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -18,7 +18,7 @@ chdir: "{{uashield_work_dir}}" - name: Run uashield - shell: "docker-compose up -d --build --force-recreate --no-cache" + shell: "docker-compose up -d" args: chdir: "{{uashield_work_dir}}" From 471cb02969e7c7671541b0652d22101c37690a7a Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:26:55 +0200 Subject: [PATCH 12/22] ref: remove only uashield image/container insted of all before running --- tools/ansible/roles/uashield/tasks/main.yml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index 5996086..e5c5a82 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -12,10 +12,11 @@ args: chdir: "{{uashield_work_dir}}" -- name: Remove old uashield images and containers - shell: "docker system prune --all --volumes --force" - args: - chdir: "{{uashield_work_dir}}" +- name: Remove old uashield containers + shell: "docker rm uashield" + +- name: Remove old uashield images + shell: "docker rmi -f uashield" - name: Run uashield shell: "docker-compose up -d" From 3f8a5810dd017cb6118fc589d82b540fde87dd49 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:32:06 +0200 Subject: [PATCH 13/22] ref: removed container removing step --- tools/ansible/roles/uashield/tasks/main.yml | 3 --- 1 file changed, 3 deletions(-) diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index e5c5a82..e17cffd 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -12,9 +12,6 @@ args: chdir: "{{uashield_work_dir}}" -- name: Remove old uashield containers - shell: "docker rm uashield" - - name: Remove old uashield images shell: "docker rmi -f uashield" From 79b144987bb9dc3ad26c0d106daf41bd0130f269 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:37:41 +0200 Subject: [PATCH 14/22] ref: changed repo URL to original --- tools/ansible/vars/vars.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/ansible/vars/vars.yaml b/tools/ansible/vars/vars.yaml index f7c35d9..c28a41f 100644 --- a/tools/ansible/vars/vars.yaml +++ b/tools/ansible/vars/vars.yaml @@ -10,5 +10,5 @@ docker_pip_executable: pip3 #Uashield -uashield_git_url: "https://github.com/dmpanch/uashield" +uashield_git_url: "https://github.com/opengs/uashield" uashield_work_dir: /root/uashield/ From fd6f1c3b4eb7c5e56aa22ab178348435c0e56203 Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Thu, 3 Mar 2022 18:39:16 +0200 Subject: [PATCH 15/22] ref: enable proxy --- docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.yml b/docker-compose.yml index bffde06..cd19f83 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -7,7 +7,7 @@ services: image: uashield:latest environment: WORKERS: '256' - USEPROXY: 'false' + USEPROXY: 'true' networks: - shield From 64819dcc8b6987dd8b4e24f816b25922b72b5abb Mon Sep 17 00:00:00 2001 From: Dmitriy Panchenko Date: Fri, 4 Mar 2022 01:53:43 +0200 Subject: [PATCH 16/22] ref: removed pip installatino, installing docker compose with curl --- tools/ansible/roles/docker/tasks/main.yml | 11 +++++------ tools/ansible/roles/tools/tasks/main.yaml | 14 +------------- 2 files changed, 6 insertions(+), 19 deletions(-) diff --git a/tools/ansible/roles/docker/tasks/main.yml b/tools/ansible/roles/docker/tasks/main.yml index 6b64b68..d1e9f32 100644 --- a/tools/ansible/roles/docker/tasks/main.yml +++ b/tools/ansible/roles/docker/tasks/main.yml @@ -30,12 +30,11 @@ changed_when: false register: docker_install_compose -- name: Install Docker Compose using Pip. - pip: - name: docker-compose - state: present - executable: "{{ docker_pip_executable }}" - when: docker_install_compose.rc == 1 +- name: Install docker-compose using shell + shell: "sudo curl -L \"https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)\" -o /usr/local/bin/docker-compose" + +- name: Chmod docker-compose + shell: "sudo chmod +x /usr/local/bin/docker-compose" - name: Ensure docker users are added to the docker group. user: diff --git a/tools/ansible/roles/tools/tasks/main.yaml b/tools/ansible/roles/tools/tasks/main.yaml index e1532f2..1c518df 100644 --- a/tools/ansible/roles/tools/tasks/main.yaml +++ b/tools/ansible/roles/tools/tasks/main.yaml @@ -12,16 +12,4 @@ apt: name: git state: latest - when: git_command_result.rc == 1 - -- name: Check if pip is already present. - command: which pip - failed_when: false - changed_when: false - register: pip_command_result - -- name: Install pip - apt: - name: python3-pip - state: latest - when: pip_command_result.rc == 1 + when: git_command_result.rc == 1 \ No newline at end of file From e67801ec1c53666d946e3c49fc7aa4999942ef91 Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Tue, 8 Mar 2022 15:37:10 +0200 Subject: [PATCH 17/22] 0.0.x (#15) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * Improve docs with latest changes (#134) * Add varios scripts to improve ansible workflow * Fix text * Fix var * Update settings * Changed references of 0.0.x to master * Start docker containers on reboot (#128) * Changed script to down and timeout only for one second, added restart always * Added tool terraform-do-uashield (#122) * added tool terraform-do-uashield * added readme * Changed script to restart always and don't wait too much on docker compose down Co-authored-by: adam * Create README.MD Co-authored-by: Denys Butenko Co-authored-by: vtinkerer <72277127+vtinkerer@users.noreply.github.com> Co-authored-by: rdemachkovych * Added MacOS build * Fixed tag builder * docker platform all * Fixed builds * Corrected some English spelling and grammar (#137) * Build for mac arm64 * Corrected some English spelling and grammar Note I do not know Ukrainian, so hopefully this translation is accurate. Glory to Ukraine! Co-authored-by: adam * Too big package for arm dockerfile fix * yarnrc Co-authored-by: Adam Raźniewski Co-authored-by: Denys Butenko Co-authored-by: vtinkerer <72277127+vtinkerer@users.noreply.github.com> Co-authored-by: rdemachkovych Co-authored-by: H. J. Poe <35583004+hjpoe@users.noreply.github.com> --- .../github-actions-buildelectron.yml | 5 --- .../github-actions-buildelectronmacos.yml | 28 ++++++++++++ .../github-actions-docker-master.yml | 2 +- .../workflows/github-actions-docker-tags.yml | 4 +- .github/workflows/github-actions-docker.yml | 2 +- .yarnrc | 1 + Dockerfile | 3 ++ README-en.md | 16 +++---- README.md | 4 +- pwd-docker-compose.yml | 6 +-- quasar.conf.js | 8 +++- tools/README.MD | 7 +++ tools/ansible/README.md | 8 ++++ tools/ansible/ansible.cfg | 5 +++ tools/ansible/create-vm.sh | 18 ++++++++ tools/ansible/roles/stats/tasks/main.yml | 4 +- tools/ansible/roles/uashield/tasks/main.yml | 44 ++++++++++++++----- tools/ansible/stats.yaml | 2 + tools/ansible/update-hosts.sh | 14 ++++++ tools/ansible/update.yaml | 10 +++++ tools/ansible/vars/vars.yaml | 2 + tools/azure/Readme.md | 2 +- tools/azure/azure-custom-data-script.sh | 6 ++- tools/helm/README.md | 2 +- tools/helm/values.yaml | 2 +- tools/terraform-do-uashield/README.md | 36 +++++++++++++++ tools/terraform-do-uashield/provider.tf | 16 +++++++ .../terraform-do-uashield/scripts/uashield.sh | 39 ++++++++++++++++ tools/terraform-do-uashield/uashield.tf | 33 ++++++++++++++ tools/terraform-do-uashield/variables.tf | 14 ++++++ 30 files changed, 303 insertions(+), 40 deletions(-) create mode 100644 .github/workflows/github-actions-buildelectronmacos.yml create mode 100644 .yarnrc create mode 100644 tools/README.MD create mode 100644 tools/ansible/ansible.cfg create mode 100755 tools/ansible/create-vm.sh create mode 100755 tools/ansible/update-hosts.sh create mode 100644 tools/ansible/update.yaml create mode 100644 tools/terraform-do-uashield/README.md create mode 100644 tools/terraform-do-uashield/provider.tf create mode 100644 tools/terraform-do-uashield/scripts/uashield.sh create mode 100644 tools/terraform-do-uashield/uashield.tf create mode 100644 tools/terraform-do-uashield/variables.tf diff --git a/.github/workflows/github-actions-buildelectron.yml b/.github/workflows/github-actions-buildelectron.yml index 286342e..6e8f19e 100644 --- a/.github/workflows/github-actions-buildelectron.yml +++ b/.github/workflows/github-actions-buildelectron.yml @@ -39,11 +39,6 @@ jobs: GH_TOKEN: ${{ secrets.GH_TOKEN }} run: | quasar build --mode electron --publish always -T win - - name: MacOS 64bit - env: - GH_TOKEN: ${{ secrets.GH_TOKEN }} - run: | - quasar build --mode electron --publish always -T darwin - name: Linux armv7l env: GH_TOKEN: ${{ secrets.GH_TOKEN }} diff --git a/.github/workflows/github-actions-buildelectronmacos.yml b/.github/workflows/github-actions-buildelectronmacos.yml new file mode 100644 index 0000000..9d155b6 --- /dev/null +++ b/.github/workflows/github-actions-buildelectronmacos.yml @@ -0,0 +1,28 @@ +name: Node CI MacOS + +on: + push: + branches: + - master + workflow_dispatch: + +jobs: + build_and_test: + runs-on: macos-11 + steps: + - name: Checkout repository + uses: actions/checkout@v2 + - uses: actions/setup-node@v2 + with: + node-version: '14' + - name: dmg-license add + run: | + sudo npm install -g dmg-license + - name: MacOS 64bit + env: + GH_TOKEN: ${{ secrets.GH_TOKEN }} + run: | + rm -rf dist/ + npm install -g @quasar/cli yarn --force + yarn install + quasar build --mode electron --publish always -T darwin diff --git a/.github/workflows/github-actions-docker-master.yml b/.github/workflows/github-actions-docker-master.yml index 57b6f78..3ef5390 100644 --- a/.github/workflows/github-actions-docker-master.yml +++ b/.github/workflows/github-actions-docker-master.yml @@ -30,7 +30,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true tags: | ghcr.io/opengs/uashield:latest \ No newline at end of file diff --git a/.github/workflows/github-actions-docker-tags.yml b/.github/workflows/github-actions-docker-tags.yml index 22c8f73..a8dab67 100644 --- a/.github/workflows/github-actions-docker-tags.yml +++ b/.github/workflows/github-actions-docker-tags.yml @@ -38,8 +38,8 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true tags: | ghcr.io/opengs/uashield:${{ steps.extract_tag.outputs.tag }} - ghcr.io/opengs/uashield:${{ steps.extract_tag.outputs.tagv }} + ghcr.io/opengs/uashield:${{ steps.extract_tag_v.outputs.tagv }} diff --git a/.github/workflows/github-actions-docker.yml b/.github/workflows/github-actions-docker.yml index aedcab2..5094b5d 100644 --- a/.github/workflows/github-actions-docker.yml +++ b/.github/workflows/github-actions-docker.yml @@ -34,7 +34,7 @@ jobs: uses: docker/build-push-action@v2 with: context: . - platforms: linux/amd64 + platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6 push: true tags: | ghcr.io/opengs/uashield:${{ steps.extract_branch.outputs.branch }} diff --git a/.yarnrc b/.yarnrc new file mode 100644 index 0000000..9bc2065 --- /dev/null +++ b/.yarnrc @@ -0,0 +1 @@ +network-timeout 600000 \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index 37d062d..7a20495 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,6 +2,7 @@ FROM node:16.9.0-alpine AS builder WORKDIR /code COPY yarn.lock ./yarn.lock +COPY .yarnrc ./.yarnrc COPY packageheadless.json ./package.json # no need to --frozen-lockfile # from docs - If yarn.lock is present and is enough to satisfy all the dependencies listed in package.json, @@ -14,6 +15,8 @@ COPY tsconfig.headless.json ./tsconfig.json RUN yarn build:headless + +# Optimizes the build, so no NODE_MODULES included in image. Don't remove this FROM node:16.9.0-alpine WORKDIR /code diff --git a/README-en.md b/README-en.md index ffafc85..29202c3 100644 --- a/README-en.md +++ b/README-en.md @@ -1,12 +1,12 @@ # UA Cyber SHIELD -*ALERT!!! We not supporting unlawful active attack or malware campaings that are causing technical harms. Use only for educational purposes. You can only try this prlatform on your own website!* +*ALERT!!! We not supporting unlawful active attacks or malware campaigns that are causing technical harm. Use only for educational purposes. You can only try this platform on your own website!* *Дивись цю сторінку [українською](README.md)* [![Release](https://img.shields.io/badge/Release-latest-blue)](https://github.com/opengs/uashield/releases/latest) -**The voluntary Ukrainian cyber defense system** +**The volunteer cyber defense system of Ukraine** - Community: [Discord](https://discord.gg/7BfJ9JKQ98) - Video Instruction [in Ukrainian](https://youtu.be/snTzpRt7a5k) @@ -21,7 +21,7 @@ ## How it works -Our voluntary defense center works are doing all the hard work: monitoring the targets, running the technical infrastructure, coordinating the attack targets, coordinating with the client applications, etc. +Our volunteer defense center does all the hard work: monitoring the targets, running the technical infrastructure, coordinating the attack targets, coordinating with the client applications, etc. When the attack is performed, the application gets the data that it needs automatically. The only thing you need to do is to install it. Targets being attacked are changed automatically and are downloaded from the control center/server. @@ -45,7 +45,7 @@ Targets being attacked are changed automatically and are downloaded from the con Or use [pre-built image](https://github.com/opengs/uashield/pkgs/container/uashield): ```bash -docker run -d ghcr.io/opengs/uashield:0.0.x 512 true +docker run -d ghcr.io/opengs/uashield:master 512 true ``` ## Docker-compose version @@ -67,19 +67,19 @@ docker run -d ghcr.io/opengs/uashield:0.0.x 512 true ## Deploy with Play With Docker - free instance for 4 hours -[![Try in PWD](https://raw.githubusercontent.com/play-with-docker/stacks/master/assets/images/button.png)](https://labs.play-with-docker.com/?stack=https://raw.githubusercontent.com/opengs/uashield/0.0.x/pwd-docker-compose.yml) +[![Try in PWD](https://raw.githubusercontent.com/play-with-docker/stacks/master/assets/images/button.png)](https://labs.play-with-docker.com/?stack=https://raw.githubusercontent.com/opengs/uashield/master/pwd-docker-compose.yml) ## Donations -Donations will be used to fund our operations: +Donations will be used exclusively to fund our operations: 1. Expenses on constantly buying new proxy servers 2. From time to time buying servers for new infastructure -When we will win the war and will be peace in Ukraine, funds will be transfered to voluntary associations to help victims of this war. +When we win the war and there is peace in Ukraine, funds will be transfered to voluntary associations to help victims of this war. You can help us using: - BTC: 11wxDarouPfY6P3misLvFuJ8k8oWhd4qb -Also, here are some variants if you want to help developers with some cofee. So we can continue to skip work and keep invest time in project all nights: +Also, here are some variants if you want to help developers with some coffee, so we can continue to skip work and keep investing time in the project all nights: - BTC: 12CcLYn6zrBcnmvK5fRSAQcJre5jknyTxH We will add more variants in future :) diff --git a/README.md b/README.md index d585818..f4145b4 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,7 @@ Або за допомогою вже [зібраного імежду](https://github.com/opengs/uashield/pkgs/container/uashield): ```bash -docker run -d ghcr.io/opengs/uashield:0.0.x 512 true +docker run -d ghcr.io/opengs/uashield:master 512 true ``` ## Docker-compose версія @@ -67,7 +67,7 @@ docker run -d ghcr.io/opengs/uashield:0.0.x 512 true ## Деплой на Play With Docker - безкоштовний інстанс на 4 години -[![Try in PWD](https://raw.githubusercontent.com/play-with-docker/stacks/master/assets/images/button.png)](https://labs.play-with-docker.com/?stack=https://raw.githubusercontent.com/opengs/uashield/0.0.x/pwd-docker-compose.yml) +[![Try in PWD](https://raw.githubusercontent.com/play-with-docker/stacks/master/assets/images/button.png)](https://labs.play-with-docker.com/?stack=https://raw.githubusercontent.com/opengs/uashield/master/pwd-docker-compose.yml) ## Пожертвування Пожертвування будуть використовуватися виключно для цілей програми: diff --git a/pwd-docker-compose.yml b/pwd-docker-compose.yml index 384baf9..1f72796 100644 --- a/pwd-docker-compose.yml +++ b/pwd-docker-compose.yml @@ -1,11 +1,11 @@ version: '3' services: uashield: - image: ghcr.io/opengs/uashield:0.0.x + image: ghcr.io/opengs/uashield:master restart: always environment: - WORKERS: '512' + WORKERS: '256' USEPROXY: 'false' deploy: - replicas: 6 + replicas: 3 diff --git a/quasar.conf.js b/quasar.conf.js index a0be29f..b5c095f 100644 --- a/quasar.conf.js +++ b/quasar.conf.js @@ -231,7 +231,13 @@ module.exports = configure(function (ctx) { ] }, mac: { - target: 'dmg' + target: [ { + target: 'dmg', + arch: [ + "x64", "arm64" + ] + } + ] }, linux: { target: ['AppImage', 'tar.gz'] diff --git a/tools/README.MD b/tools/README.MD new file mode 100644 index 0000000..cf935e8 --- /dev/null +++ b/tools/README.MD @@ -0,0 +1,7 @@ +# COMMUNITY CREATED + +Fortunately or unfortunately these tools are created by community. + +They can be not up to date, but we are trying our best. + +If you see any issue - make an issue or contact us via Discord. diff --git a/tools/ansible/README.md b/tools/ansible/README.md index 8104f5a..6a0eae0 100644 --- a/tools/ansible/README.md +++ b/tools/ansible/README.md @@ -52,6 +52,10 @@ Optional step, can be skipped ansible-playbook -u root stats.yaml -i hosts +### 8. Update to the latest version and restart containers + + ansible-playbook -u root update.yaml -i hosts + ## UA ### 1. Інсталюйте ansible на свою машину #### Mac OS @@ -97,3 +101,7 @@ ssh-agent bash -c "ssh-add /path/to/keys/*.pem" ### 7. Перевірка статистики успішних запитів ansible-playbook -u root stats.yaml -i hosts + +### 8. Оновити до останньої версії та перезавантажити + + ansible-playbook -u root update.yaml -i hosts diff --git a/tools/ansible/ansible.cfg b/tools/ansible/ansible.cfg new file mode 100644 index 0000000..5c03493 --- /dev/null +++ b/tools/ansible/ansible.cfg @@ -0,0 +1,5 @@ +[defaults] +deprecation_warnings=False +host_key_checking=False +strategy=linear ; default +; strategy=free ; do not wait for complete all hosts diff --git a/tools/ansible/create-vm.sh b/tools/ansible/create-vm.sh new file mode 100755 index 0000000..1eab4ed --- /dev/null +++ b/tools/ansible/create-vm.sh @@ -0,0 +1,18 @@ +#!/bin/bash +# Usage example +# ./create-vm.sh eastus2 + +# Variables +INPUT=$1 +LOCATION="${INPUT:-'norwayeast'}" +RESOURCE_GROUP='STOPWAR' +USER='azureuser' +IMAGE='UbuntuLTS' +for i in {1..4} +do + NAME=uashield-$LOCATION-unit-$i + echo "$NAME : Initializing vm..." + az vm create --admin-user=$USER --location=$LOCATION --name $NAME --resource-group $RESOURCE_GROUP --image $IMAGE --generate-ssh-keys +done + +bash ./update-hosts.sh diff --git a/tools/ansible/roles/stats/tasks/main.yml b/tools/ansible/roles/stats/tasks/main.yml index 3cd06d1..9c3ed57 100644 --- a/tools/ansible/roles/stats/tasks/main.yml +++ b/tools/ansible/roles/stats/tasks/main.yml @@ -1,6 +1,6 @@ - name: Get stats - shell: echo $(docker logs uashield | grep '| 200' -c) + shell: echo $(docker ps -q | xargs -L 1 docker logs | grep '| 200' -c) register: echo_content - debug: - msg: "Hits {{ echo_content.stdout }} requests." + msg: "Hit {{ echo_content.stdout }} requests." diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index e17cffd..ae35d6d 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -1,30 +1,52 @@ --- -- name: Clone uashield repo +- name: Check if repo is exist + stat: + path: "{{uashield_work_dir}}" + failed_when: false + changed_when: false + register: check_uashield_repo + +- name: Clone repo git: repo: "{{uashield_git_url}}" dest: "{{uashield_work_dir}}" accept_hostkey: true force: true version: "master" + when: not check_uashield_repo.stat.exists -- name: Stop all containers - shell: "docker-compose down" +- name: Pull Latest Changes + shell: "git pull" args: chdir: "{{uashield_work_dir}}" + when: check_uashield_repo.stat.exists + +- name: Get Running Docker Containers + shell: "docker ps -aq" + register: docker_info + +- name: Stop Running Docker Containers + shell: "docker stop $(docker ps -aq)" + when: docker_info.stdout + +- name: Remove Docker Containers + shell: "docker rm $(docker ps -aq)" + when: docker_info.stdout -- name: Remove old uashield images +- name: Remove Old Docker Image shell: "docker rmi -f uashield" -- name: Run uashield - shell: "docker-compose up -d" +- name: Build Docker Image + shell: "docker build . -t uashield" args: chdir: "{{uashield_work_dir}}" -- name: Check docker started - shell: "docker ps" - args: - chdir: "{{uashield_work_dir}}" +- name: Run Instance + shell: "docker run -d uashield {{ uashield_threads }} {{ uashield_proxy }}" + +- name: Check Docker is started + command: "docker ps" register: output - ansible.builtin.debug: - var: output + var: output.stdout_lines diff --git a/tools/ansible/stats.yaml b/tools/ansible/stats.yaml index 42a49be..82c33b9 100644 --- a/tools/ansible/stats.yaml +++ b/tools/ansible/stats.yaml @@ -1,5 +1,7 @@ --- - hosts: servers + strategy: linear + gather_facts: no become: yes become_user: root vars_files: diff --git a/tools/ansible/update-hosts.sh b/tools/ansible/update-hosts.sh new file mode 100755 index 0000000..ce68d26 --- /dev/null +++ b/tools/ansible/update-hosts.sh @@ -0,0 +1,14 @@ +#!/bin/bash + +PUBLIC_IP_ADDRESSES="$(az vm list-ip-addresses --query '[*].virtualMachine.network.publicIpAddresses[0].ipAddress' | sed '1d;$d' | cut -d'"' -f2)" +for IP in $PUBLIC_IP_ADDRESSES +do + EXIST="$(cat hosts | awk '{print $1}' | grep $IP)" + if [ "$EXIST" == "$IP" ] + then + echo "[Skipping] $IP already exist" + else + echo $IP >> hosts + echo "[Changed] $IP is added to hosts" + fi +done diff --git a/tools/ansible/update.yaml b/tools/ansible/update.yaml new file mode 100644 index 0000000..4a563a5 --- /dev/null +++ b/tools/ansible/update.yaml @@ -0,0 +1,10 @@ +--- +- hosts: servers + become: yes + become_user: root + vars_files: + - vars/vars.yaml + roles: + - uashield + handlers: + - include: handlers/main.yml diff --git a/tools/ansible/vars/vars.yaml b/tools/ansible/vars/vars.yaml index c28a41f..ec4b48b 100644 --- a/tools/ansible/vars/vars.yaml +++ b/tools/ansible/vars/vars.yaml @@ -12,3 +12,5 @@ docker_pip_executable: pip3 uashield_git_url: "https://github.com/opengs/uashield" uashield_work_dir: /root/uashield/ +uashield_threads: 2500 +uashield_proxy: true diff --git a/tools/azure/Readme.md b/tools/azure/Readme.md index cc918e0..6a67030 100644 --- a/tools/azure/Readme.md +++ b/tools/azure/Readme.md @@ -30,7 +30,7 @@ PLEASE SHARE WITH YOUR FRIENDS AND ANYONE WHO WANTS TO HELP BUT DOESN'T KNOW ![](https://github.com/opengs/uashield/blob/master/tools/azure/images/7.jpg) ![](https://github.com/opengs/uashield/blob/master/tools/azure/images/8.jpg) -8. Go to "Advanced" tab (above) and paste the script [https://github.com/opengs/uashield/blob/0.0.x/tools/azure/azure-custom-data-script.sh](https://github.com/opengs/uashield/blob/0.0.x/tools/azure/azure-custom-data-script.sh) (just copy it as a text) to "Custom data". +8. Go to "Advanced" tab (above) and paste the script [https://github.com/opengs/uashield/blob/master/tools/azure/azure-custom-data-script.sh](https://github.com/opengs/uashield/blob/master/tools/azure/azure-custom-data-script.sh) (just copy it as a text) to "Custom data". ![](https://github.com/opengs/uashield/blob/master/tools/azure/images/9.jpg) 9. Go to "Disk" tab and change "OS disk type" from "Premium SSD" to "Standart SSD". ![](https://github.com/opengs/uashield/blob/master/tools/azure/images/10.jpg) diff --git a/tools/azure/azure-custom-data-script.sh b/tools/azure/azure-custom-data-script.sh index 3027f5d..8b66789 100644 --- a/tools/azure/azure-custom-data-script.sh +++ b/tools/azure/azure-custom-data-script.sh @@ -22,6 +22,7 @@ version: \"3.3\" services: worker: image: ghcr.io/opengs/uashield:latest + restart: always command: - \"7500\" - \"true\"" >> /home/docker-compose.yaml @@ -32,5 +33,8 @@ cd /home/ sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo) -sudo echo "*/30 * * * * cd /home/ && sudo docker-compose down && sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo)" >> /home/cronjob +sudo echo "*/30 * * * * cd /home/ && sudo docker-compose down -t 1 && sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo)" >> /home/cronjob + +# restart:always should do the job to run container on startup, but the hard restart is good here to avoid problems +sudo echo "@reboot cd /home/ && sudo docker-compose down -t 1 && sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo)" >> /home/cronjob crontab /home/cronjob diff --git a/tools/helm/README.md b/tools/helm/README.md index 136ce1c..a093abc 100644 --- a/tools/helm/README.md +++ b/tools/helm/README.md @@ -33,7 +33,7 @@ helm upgrade --install \ | fullnameOverride | string | `""` | | | image.pullPolicy | string | `"IfNotPresent"` | | | image.repository | string | `"ghcr.io/opengs/uashield"` | | -| image.tag | string | `"0.0.x"` | | +| image.tag | string | `"master"` | | | imagePullSecrets | list | `[]` | | | nameOverride | string | `""` | | | nodeSelector | object | `{}` | | diff --git a/tools/helm/values.yaml b/tools/helm/values.yaml index e98f580..603c392 100644 --- a/tools/helm/values.yaml +++ b/tools/helm/values.yaml @@ -15,7 +15,7 @@ image: repository: ghcr.io/opengs/uashield pullPolicy: IfNotPresent # We can find a tag here: https://github.com/opengs/uashield/pkgs/container/uashield - tag: "0.0.x" + tag: "master" resources: # We usually recommend not to specify default resources and to leave this as a conscious diff --git a/tools/terraform-do-uashield/README.md b/tools/terraform-do-uashield/README.md new file mode 100644 index 0000000..ec1d9ca --- /dev/null +++ b/tools/terraform-do-uashield/README.md @@ -0,0 +1,36 @@ +[![DigitalOcean Referral Badge](https://web-platforms.sfo2.cdn.digitaloceanspaces.com/WWW/Badge%201.svg)](https://www.digitalocean.com/?refcode=4e29ef6429c9&utm_campaign=Referral_Invite&utm_medium=Referral_Program&utm_source=badge) + +[Get $100 to try DigitalOcean, link for sing in above](https://try.digitalocean.com/freetrialoffer/) + + +## Requirements +- [Instal terraform](https://www.terraform.io/downloads) +- [Add SSH key](https://docs.digitalocean.com/products/droplets/how-to/add-ssh-keys/to-account/) to DO with name `ssh` + + +## Export environment vars +Extra logs +``` +export TF_LOG=INFO +``` +## Create and export DO PAT +- [DO PAT](https://docs.digitalocean.com/reference/api/create-personal-access-token/) +``` +export DO_PAT="" +``` +## Init terraform +``` +terraform init +``` + +``` +terraform apply \ + -var "do_token=${DO_PAT}" \ + -var "pvt_key=$HOME/.ssh/id_ed25519" +``` + +``` +terraform destroy \ + -var "do_token=${DO_PAT}" \ + -var "pvt_key=$HOME/.ssh/id_ed25519" +``` \ No newline at end of file diff --git a/tools/terraform-do-uashield/provider.tf b/tools/terraform-do-uashield/provider.tf new file mode 100644 index 0000000..306321b --- /dev/null +++ b/tools/terraform-do-uashield/provider.tf @@ -0,0 +1,16 @@ +terraform { + required_providers { + digitalocean = { + source = "digitalocean/digitalocean" + version = "~> 2.0" + } + } +} + +provider "digitalocean" { + token = var.do_token +} + +data "digitalocean_ssh_key" "ssh" { + name = "drvdo" +} diff --git a/tools/terraform-do-uashield/scripts/uashield.sh b/tools/terraform-do-uashield/scripts/uashield.sh new file mode 100644 index 0000000..cedca7e --- /dev/null +++ b/tools/terraform-do-uashield/scripts/uashield.sh @@ -0,0 +1,39 @@ +#!/bin/sh + +sudo apt-get install -y \ + ca-certificates \ + curl \ + gnupg \ + lsb-release \ + wget + +curl -sSL https://repos.insights.digitalocean.com/install.sh | sudo bash + +wget -O - https://get.docker.com/ | bash + +sudo systemctl enable docker.service +sudo systemctl start docker.service + +mkdir -p ~/.docker/cli-plugins/ +curl -SL https://github.com/docker/compose/releases/download/v2.2.3/docker-compose-linux-x86_64 -o ~/.docker/cli-plugins/docker-compose +chmod +x ~/.docker/cli-plugins/docker-compose +sudo chown $USER /var/run/docker.sock + +sudo echo " +version: \"3.3\" +services: + worker: + image: ghcr.io/opengs/uashield:latest + restart: always + command: + - \"7500\" + - \"true\"" >> /home/docker-compose.yaml + +sudo apt install -y docker-compose + +cd /home/ + +sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo) + +sudo echo "*/30 * * * * cd /home/ && sudo docker-compose down -t 1 && sudo docker-compose pull && sudo docker-compose up -d --scale worker=$(grep -c ^processor /proc/cpuinfo)" >> /home/cronjob +crontab /home/cronjob \ No newline at end of file diff --git a/tools/terraform-do-uashield/uashield.tf b/tools/terraform-do-uashield/uashield.tf new file mode 100644 index 0000000..2bc5034 --- /dev/null +++ b/tools/terraform-do-uashield/uashield.tf @@ -0,0 +1,33 @@ +resource "digitalocean_droplet" "uashield" { + count = var.droplet_instance_number + image = "ubuntu-20-04-x64" + name = "uashield-${count.index}" + region = "nyc3" + size = var.droplet_instance_size + monitoring = true + + ssh_keys = [ + data.digitalocean_ssh_key.ssh.id + ] + + connection { + host = self.ipv4_address + user = "root" + type = "ssh" + private_key = file(var.pvt_key) + timeout = "2m" + } + + provisioner "file" { + source = "scripts/uashield.sh" + destination = "/opt/uashield.sh" + } + + provisioner "remote-exec" { + inline = [ + "chmod +x /opt/uashield.sh", + "/opt/uashield.sh", + ] + } +} + diff --git a/tools/terraform-do-uashield/variables.tf b/tools/terraform-do-uashield/variables.tf new file mode 100644 index 0000000..cb98468 --- /dev/null +++ b/tools/terraform-do-uashield/variables.tf @@ -0,0 +1,14 @@ +variable "droplet_instance_number" { + type = number + description = "Digital Ocean droplet instace number" + default = 1 +} + +variable "droplet_instance_size" { + type = string + description = "Digital Ocean droplet instace size" + default = "s-1vcpu-1gb" +} + +variable "do_token" {} +variable "pvt_key" {} From de04bd7e62cd476da4683e716951274e3edb6756 Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Tue, 8 Mar 2022 17:52:55 +0200 Subject: [PATCH 18/22] Feat/ansible autoupdate (#16) ref: changed uashield start from docker to docker-compose ref: added repo autoupdate and image autobuild script --- tools/ansible/roles/uashield/tasks/main.yml | 57 +++++++++------------ tools/ansible/update-build.sh | 18 +++++++ tools/ansible/vars/vars.yaml | 2 - 3 files changed, 42 insertions(+), 35 deletions(-) create mode 100644 tools/ansible/update-build.sh diff --git a/tools/ansible/roles/uashield/tasks/main.yml b/tools/ansible/roles/uashield/tasks/main.yml index ae35d6d..74c8c49 100644 --- a/tools/ansible/roles/uashield/tasks/main.yml +++ b/tools/ansible/roles/uashield/tasks/main.yml @@ -1,52 +1,43 @@ --- -- name: Check if repo is exist - stat: - path: "{{uashield_work_dir}}" - failed_when: false - changed_when: false - register: check_uashield_repo - -- name: Clone repo +- name: Clone uashield repo git: repo: "{{uashield_git_url}}" dest: "{{uashield_work_dir}}" accept_hostkey: true force: true version: "master" - when: not check_uashield_repo.stat.exists -- name: Pull Latest Changes - shell: "git pull" +- name: Stop all containers + shell: "docker-compose down" args: chdir: "{{uashield_work_dir}}" - when: check_uashield_repo.stat.exists -- name: Get Running Docker Containers - shell: "docker ps -aq" - register: docker_info - -- name: Stop Running Docker Containers - shell: "docker stop $(docker ps -aq)" - when: docker_info.stdout - -- name: Remove Docker Containers - shell: "docker rm $(docker ps -aq)" - when: docker_info.stdout - -- name: Remove Old Docker Image +- name: Remove old uashield images shell: "docker rmi -f uashield" -- name: Build Docker Image - shell: "docker build . -t uashield" +- name: Run uashield + shell: "docker-compose up -d" args: chdir: "{{uashield_work_dir}}" -- name: Run Instance - shell: "docker run -d uashield {{ uashield_threads }} {{ uashield_proxy }}" - -- name: Check Docker is started - command: "docker ps" +- name: Check docker started + shell: "docker ps" + args: + chdir: "{{uashield_work_dir}}" register: output - ansible.builtin.debug: - var: output.stdout_lines + var: output + +- name: Chmod bash script for image update + shell: "chmod +x /root/uashield/tools/ansible/update-build.sh" + +- name: Remove /root/cronjob file if exists + shell: "rm /root/cronjob" + ignore_errors: yes + +- name: Add every 30 minutes image update as a cronjob + shell: "sudo echo '*/3 * * * * /root/uashield/tools/ansible/update-build.sh' >> /root/cronjob" + +- name: Add every reboot image update as a cronjob + shell: "sudo echo '@reboot /root/uashield/tools/ansible/update-build.sh' >> /root/cronjob && crontab /root/cronjob" diff --git a/tools/ansible/update-build.sh b/tools/ansible/update-build.sh new file mode 100644 index 0000000..2fdcb56 --- /dev/null +++ b/tools/ansible/update-build.sh @@ -0,0 +1,18 @@ +#!/bin/sh + +cd /root/uashield/ + +if git checkout master && + git fetch origin master && + [ `git rev-list HEAD...origin/master --count` != 0 ] && + git merge origin/master +then + echo 'Updated!' + sudo chmod +x /root/uashield/tools/ansible/update-build.sh + sudo docker-compose down -t 1 + sudo docker rmi -f uashield + sudo docker-compose up -d + docker ps +else + echo 'Not updated.' +fi \ No newline at end of file diff --git a/tools/ansible/vars/vars.yaml b/tools/ansible/vars/vars.yaml index ec4b48b..fc8f673 100644 --- a/tools/ansible/vars/vars.yaml +++ b/tools/ansible/vars/vars.yaml @@ -4,9 +4,7 @@ #Docker docker_version: 5.0.3 -docker_install_compose: true docker_users: [] -docker_pip_executable: pip3 #Uashield From 856806ce8ddbca8e211bf895a4087ea3cb63dc1d Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Tue, 8 Mar 2022 18:14:33 +0200 Subject: [PATCH 19/22] Feat/ansible autoupdate (#19) * ref: changed uashield start from docker to docker-compose * ref: added repo autoupdate and image autobuild script From efb0d96b6be80fe4345639ce33e4c626cb9507cb Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Wed, 9 Mar 2022 21:35:04 +0200 Subject: [PATCH 20/22] feat: added docker-compose with protonvpn --- tools/protonvpn/docker-compose.yml | 38 ++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) create mode 100644 tools/protonvpn/docker-compose.yml diff --git a/tools/protonvpn/docker-compose.yml b/tools/protonvpn/docker-compose.yml new file mode 100644 index 0000000..8840c59 --- /dev/null +++ b/tools/protonvpn/docker-compose.yml @@ -0,0 +1,38 @@ +version: '2' +services: + + uashield: + depends_on: + - protonvpn + build: + context: ../../ + dockerfile: ./Dockerfile + restart: always + container_name: uashield + image: uashield:latest + environment: + WORKERS: '256' + USEPROXY: 'true' + network_mode: service:protonvpn + + protonvpn: + container_name: protonvpn + environment: + # Credentials + PROTONVPN_USERNAME: vWOBT489uo86CP3G + PROTONVPN_PASSWORD: zkM7hplVGpOrFx0rHHnWW708QBDQoALn + # Override these where applicable + PROTONVPN_SERVER: NL + PROTONVPN_TIER: ${PROTONVPN_TIER:-0} + # Always use semver tags, avoid using tag latest! + image: ghcr.io/tprasadtp/protonvpn:latest + restart: unless-stopped + networks: + - internet + cap_add: + - NET_ADMIN + devices: + - /dev/net/tun:/dev/net/tun + +networks: + internet: \ No newline at end of file From d806d19e687f5ea14d8bf369a77564e7d37e407a Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Wed, 9 Mar 2022 22:37:43 +0200 Subject: [PATCH 21/22] feat: added healthcheck for protonvpn before uashield run. Docker-compose doesn't provide a convenient interface for specifying a delay between container launches, so a helcheck with a delayed timer was used feat: added readme --- tools/protonvpn/README.MD | 21 ++++++++++++++++ tools/protonvpn/docker-compose.yml | 39 ++++++++++++++++++------------ 2 files changed, 44 insertions(+), 16 deletions(-) create mode 100644 tools/protonvpn/README.MD diff --git a/tools/protonvpn/README.MD b/tools/protonvpn/README.MD new file mode 100644 index 0000000..1a66b49 --- /dev/null +++ b/tools/protonvpn/README.MD @@ -0,0 +1,21 @@ +Run uashield under ProtonVPN. + +[Original docs for ProtonVPN in docker](https://tprasadtp.github.io/protonvpn-docker/#/README). + +## 1. Change settings in docker-compose.yml +- `PROTONVPN_USERNAME: - set username from OpenVPN/IKEv2 username account settings in ProtonVPN web interface +- `PROTONVPN_PASSWORD` - set password from OpenVPN/IKEv2 username account settings in ProtonVPN web interface +- `PROTONVPN_SERVER` - set server connect to. You can set `RANDOM` for random server from your plan +- `PROTONVPN_TIER` - Proton VPN Tier (0=Free, 1=Basic, 2=Pro, 3=Visionary) + +## 2. Run service + +`docker-compose up -d` - if you already have previously built uashield image +`docker-compose up -d --build` - if you want to build an image from scratch + +For checking your IP inside uashield container please run `docker exec -ti uashield-protonpvn wget -qO- https://ipecho.net/plain ;echo` + +## 3. Restart service + +`docker-compose down -t 15 && docker-compose up -d` + diff --git a/tools/protonvpn/docker-compose.yml b/tools/protonvpn/docker-compose.yml index 8840c59..d52e58d 100644 --- a/tools/protonvpn/docker-compose.yml +++ b/tools/protonvpn/docker-compose.yml @@ -1,20 +1,6 @@ -version: '2' +version: '2.1' services: - uashield: - depends_on: - - protonvpn - build: - context: ../../ - dockerfile: ./Dockerfile - restart: always - container_name: uashield - image: uashield:latest - environment: - WORKERS: '256' - USEPROXY: 'true' - network_mode: service:protonvpn - protonvpn: container_name: protonvpn environment: @@ -23,7 +9,7 @@ services: PROTONVPN_PASSWORD: zkM7hplVGpOrFx0rHHnWW708QBDQoALn # Override these where applicable PROTONVPN_SERVER: NL - PROTONVPN_TIER: ${PROTONVPN_TIER:-0} + PROTONVPN_TIER: 0 # Always use semver tags, avoid using tag latest! image: ghcr.io/tprasadtp/protonvpn:latest restart: unless-stopped @@ -33,6 +19,27 @@ services: - NET_ADMIN devices: - /dev/net/tun:/dev/net/tun + healthcheck: + test: ["CMD", "curl", "-f", "https://google.com"] + interval: 10s + timeout: 10s + retries: 3 + start_period: 15s + + uashield: + depends_on: + protonvpn: + condition: service_healthy + build: + context: ../../ + dockerfile: ./Dockerfile + restart: always + container_name: uashield-protonvpn + image: uashield:latest + environment: + WORKERS: '256' + USEPROXY: 'false' + network_mode: service:protonvpn networks: internet: \ No newline at end of file From 2b93e6c2c5c9b3f4e012d077d65c907fabc3dc16 Mon Sep 17 00:00:00 2001 From: Dmitriy Date: Wed, 9 Mar 2022 23:57:43 +0200 Subject: [PATCH 22/22] ref: typo fix --- tools/protonvpn/README.MD | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/protonvpn/README.MD b/tools/protonvpn/README.MD index 1a66b49..44a00df 100644 --- a/tools/protonvpn/README.MD +++ b/tools/protonvpn/README.MD @@ -3,7 +3,7 @@ Run uashield under ProtonVPN. [Original docs for ProtonVPN in docker](https://tprasadtp.github.io/protonvpn-docker/#/README). ## 1. Change settings in docker-compose.yml -- `PROTONVPN_USERNAME: - set username from OpenVPN/IKEv2 username account settings in ProtonVPN web interface +- `PROTONVPN_USERNAME` - set username from OpenVPN/IKEv2 username account settings in ProtonVPN web interface - `PROTONVPN_PASSWORD` - set password from OpenVPN/IKEv2 username account settings in ProtonVPN web interface - `PROTONVPN_SERVER` - set server connect to. You can set `RANDOM` for random server from your plan - `PROTONVPN_TIER` - Proton VPN Tier (0=Free, 1=Basic, 2=Pro, 3=Visionary)