DEV Community

Carrie
Carrie

Posted on

How to Use a Simple All-in-One Update Script for SafeLine

#safeline #firewall #cybersecurity #webdev

Author: SafeLine Pro user - YaneonY

Maintaining your SafeLine WAF installation up to date is important for ensuring optimal security, performance, and access to the latest features.

Here’s a simple all-in-one Bash script that automates the update process — including creating backups and pruning old ones — so you can manage updates with minimal effort.

Features of the Script

  • Stops running containers safely before updating
  • Creates a timestamped backup of the resources directory
  • Automatically prunes old backups, keeping only the most recent ones
  • Fetches the latest compose.yaml from the official release source
  • Pulls the latest Docker images for SafeLine
  • Restarts containers in detached mode so your service is back online quickly

Usage Instructions

  1. Save the Script

Save the following script as update.sh inside your SafeLine installation directory:

#!/bin/bash
   set -e

   TARGET_DIR="/opt/safeline"
   RES_DIR="$TARGET_DIR/resources"
   BACKUP_DIR="$TARGET_DIR/backups"
   KEEP_BACKUPS=14

   RED='\033[0;31m'
   GREEN='\033[0;32m'
   YELLOW='\033[1;33m'
   BLUE='\033[0;34m'
   NC='\033[0m'

   log_info()    { echo -e "${BLUE}ℹ️  $1${NC}"; }
   log_success() { echo -e "${GREEN}✅ $1${NC}"; }
   log_warn()    { echo -e "${YELLOW}⚠️  $1${NC}"; }
   log_error()   { echo -e "${RED}❌ $1${NC}"; }

   log_info "Switching to target directory: $TARGET_DIR"
   cd "$TARGET_DIR" || { log_error "Directory $TARGET_DIR not found"; exit 1; }
   [ -d "$RES_DIR" ] || { log_error "Resources directory $RES_DIR not found"; exit 1; }
   mkdir -p "$BACKUP_DIR"

   log_info "Stopping existing containers..."
   docker compose down --remove-orphans
   log_success "Containers stopped"

   log_info "Waiting 5 seconds to ensure all containers are fully stopped..."
   sleep 5
   log_success "Wait complete"

   TS="$(date +%Y%m%d-%H%M%S)"
   BACKUP_FILE="$BACKUP_DIR/resources-$TS.tar.gz"
   log_info "Creating backup (ignoring resources/sock/): $BACKUP_FILE"
   tar --exclude="resources/sock" -czf "$BACKUP_FILE" -C "$TARGET_DIR" resources
   log_success "Backup created successfully"

   log_info "Pruning old backups, keeping the latest $KEEP_BACKUPS..."
   ls -1t -- "$BACKUP_DIR"/resources-*.tar.gz 2>/dev/null | sed -n "$((KEEP_BACKUPS+1)),\$p" | xargs -r rm -f --
   log_success "Old backups pruned"

   log_info "Fetching latest compose.yaml..."
   wget -q -O compose.yaml "https://waf.chaitin.com/release/latest/compose.yaml"
   log_success "compose.yaml updated"

   log_info "Pulling latest Docker images..."
   docker compose pull
   log_success "Docker images updated"

   log_info "Starting containers in detached mode..."
   docker compose up -d
   log_success "Containers are up and running 🚀"

   log_success "Update process completed 🎉"
Enter fullscreen mode Exit fullscreen mode

2. Adjust Variables

  • TARGET_DIR: Your SafeLine installation path
  • KEEP_BACKUPS: Number of recent backups to keep

3. Make the Script Executable
chmod +x update.sh

4. Run the Script
./update.sh

Notes

  • Backups are stored in the backups directory within your SafeLine installation.
  • The script excludes resources/sock/ from backups, as it contains temporary runtime files.
  • You can roll back by restoring the contents of a backup if needed.

With this automated update script, keeping your SafeLine WAF installation fresh and secure becomes effortless.

You can schedule it via cron jobs for regular updates or run it manually whenever a new release is available.

SafeLine Website: https://ly.safepoint.cloud/ShZAy9x
Live Demo: https://demo.waf.chaitin.com:9443/statistics
Discord: https://discord.gg/dy3JT7dkmY
Doc: https://docs.waf.chaitin.com/en/home
Github: https://github.com/chaitin/SafeLine

Top comments (0)