Author: SafeLine Pro user - YaneonY
Maintaining your SafeLine WAF installation up to date is important for ensuring optimal security, performance, and access to the latest features.
Here’s a simple all-in-one Bash script that automates the update process — including creating backups and pruning old ones — so you can manage updates with minimal effort.
Features of the Script
- Stops running containers safely before updating
-
Creates a timestamped backup of the
resources
directory - Automatically prunes old backups, keeping only the most recent ones
-
Fetches the latest
compose.yaml
from the official release source - Pulls the latest Docker images for SafeLine
- Restarts containers in detached mode so your service is back online quickly
Usage Instructions
- Save the Script
Save the following script as update.sh
inside your SafeLine installation directory:
#!/bin/bash
set -e
TARGET_DIR="/opt/safeline"
RES_DIR="$TARGET_DIR/resources"
BACKUP_DIR="$TARGET_DIR/backups"
KEEP_BACKUPS=14
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() { echo -e "${BLUE}ℹ️ $1${NC}"; }
log_success() { echo -e "${GREEN}✅ $1${NC}"; }
log_warn() { echo -e "${YELLOW}⚠️ $1${NC}"; }
log_error() { echo -e "${RED}❌ $1${NC}"; }
log_info "Switching to target directory: $TARGET_DIR"
cd "$TARGET_DIR" || { log_error "Directory $TARGET_DIR not found"; exit 1; }
[ -d "$RES_DIR" ] || { log_error "Resources directory $RES_DIR not found"; exit 1; }
mkdir -p "$BACKUP_DIR"
log_info "Stopping existing containers..."
docker compose down --remove-orphans
log_success "Containers stopped"
log_info "Waiting 5 seconds to ensure all containers are fully stopped..."
sleep 5
log_success "Wait complete"
TS="$(date +%Y%m%d-%H%M%S)"
BACKUP_FILE="$BACKUP_DIR/resources-$TS.tar.gz"
log_info "Creating backup (ignoring resources/sock/): $BACKUP_FILE"
tar --exclude="resources/sock" -czf "$BACKUP_FILE" -C "$TARGET_DIR" resources
log_success "Backup created successfully"
log_info "Pruning old backups, keeping the latest $KEEP_BACKUPS..."
ls -1t -- "$BACKUP_DIR"/resources-*.tar.gz 2>/dev/null | sed -n "$((KEEP_BACKUPS+1)),\$p" | xargs -r rm -f --
log_success "Old backups pruned"
log_info "Fetching latest compose.yaml..."
wget -q -O compose.yaml "https://waf.chaitin.com/release/latest/compose.yaml"
log_success "compose.yaml updated"
log_info "Pulling latest Docker images..."
docker compose pull
log_success "Docker images updated"
log_info "Starting containers in detached mode..."
docker compose up -d
log_success "Containers are up and running 🚀"
log_success "Update process completed 🎉"
2. Adjust Variables
- TARGET_DIR: Your SafeLine installation path
- KEEP_BACKUPS: Number of recent backups to keep
3. Make the Script Executable
chmod +x update.sh
4. Run the Script
./update.sh
Notes
- Backups are stored in the backups directory within your SafeLine installation.
- The script excludes resources/sock/ from backups, as it contains temporary runtime files.
- You can roll back by restoring the contents of a backup if needed.
With this automated update script, keeping your SafeLine WAF installation fresh and secure becomes effortless.
You can schedule it via cron jobs for regular updates or run it manually whenever a new release is available.
SafeLine Website: https://ly.safepoint.cloud/ShZAy9x
Live Demo: https://demo.waf.chaitin.com:9443/statistics
Discord: https://discord.gg/dy3JT7dkmY
Doc: https://docs.waf.chaitin.com/en/home
Github: https://github.com/chaitin/SafeLine
Top comments (0)