From 01b9edfa7acf2a736433c6b8832e06dc8092047b Mon Sep 17 00:00:00 2001
From: orianelou <126462046+orianelou@users.noreply.github.com>
Date: Tue, 12 Dec 2023 13:48:13 +0200
Subject: [PATCH 1/3] Create docker-compose.yaml

---
 deployment/docker-compose.yaml | 43 ++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)
 create mode 100644 deployment/docker-compose.yaml

diff --git a/deployment/docker-compose.yaml b/deployment/docker-compose.yaml
new file mode 100644
index 00000000..a7e7f8e4
--- /dev/null
+++ b/deployment/docker-compose.yaml
@@ -0,0 +1,43 @@
+version: '3.8'
+# docker compose for npm open-appsec integration
+services:
+  appsec-npm:
+    container_name: appsec-npm
+    image: 'ghcr.io/openappsec/appsec-npm:latest'
+    ipc: host
+    restart: unless-stopped
+    ports:
+      - '80:80' # Public HTTP Port
+      - '443:443' # Public HTTPS Port
+      - '81:81' # Admin Web Port
+    volumes:
+      - ./data:/data
+      - ./letsencrypt:/etc/letsencrypt
+      - ./appsec-logs:/ext/appsec-logs
+      - ./appsec-localconfig:/ext/appsec
+
+  appsec-agent:
+    container_name: appsec-agent
+    image: 'ghcr.io/openappsec/agent:latest'
+    network_mode: service:appsec-npm
+    ipc: host
+    restart: unless-stopped
+    environment:
+      # adjust with your own email below
+      - user_email=user@email.com
+      - nginxproxymanager=true
+      - autoPolicyLoad=true
+    volumes:
+      - ./appsec-config:/etc/cp/conf
+      - ./appsec-data:/etc/cp/data
+      - ./appsec-logs:/var/log/nano_agent
+      - ./appsec-localconfig:/ext/appsec
+    command: /cp-nano-agent --standalone
+
+  nginx:
+    container_name: nginx-backend
+    image: nginx:latest
+    ports:
+      - "8080:80"
+    volumes:
+      - ./nginx-deployment:/etc/nginx/conf.d

From a856a0c2d6763bbacf275afefa80638498ef8d76 Mon Sep 17 00:00:00 2001
From: orianelou <126462046+orianelou@users.noreply.github.com>
Date: Wed, 13 Dec 2023 11:00:30 +0200
Subject: [PATCH 2/3] Create local_policy.yaml

---
 deployment/local_policy.yaml | 62 ++++++++++++++++++++++++++++++++++++
 1 file changed, 62 insertions(+)
 create mode 100644 deployment/local_policy.yaml

diff --git a/deployment/local_policy.yaml b/deployment/local_policy.yaml
new file mode 100644
index 00000000..8aaf15a8
--- /dev/null
+++ b/deployment/local_policy.yaml
@@ -0,0 +1,62 @@
+policies:
+  default:
+    triggers:
+    - appsec-default-log-trigger
+    mode: inactive
+    practices:
+    - webapp-default-practice
+    custom-response: appsec-default-web-user-response
+  specific-rules: []
+
+practices:
+  - name: webapp-default-practice
+    web-attacks:
+      max-body-size-kb: 1000000
+      max-header-size-bytes: 102400
+      max-object-depth: 40
+      max-url-size-bytes: 32768
+      minimum-confidence: high
+      override-mode: inactive
+      protections:
+        csrf-protection: inactive
+        error-disclosure: inactive
+        non-valid-http-methods: false
+        open-redirect: inactive
+    anti-bot:
+      injected-URIs: []
+      validated-URIs: []
+      override-mode: inactive
+    snort-signatures:
+      configmap: []
+      override-mode: inactive
+    openapi-schema-validation:
+      configmap: []
+      override-mode: inactive
+
+log-triggers:
+  - name: appsec-default-log-trigger
+    access-control-logging:
+      allow-events: false
+      drop-events: true
+    additional-suspicious-events-logging:
+      enabled: true
+      minimum-severity: high
+      response-body: false
+    appsec-logging:
+      all-web-requests: false
+      detect-events: true
+      prevent-events: true
+    extended-logging:
+      http-headers: false
+      request-body: false
+      url-path: false
+      url-query: false
+    log-destination:
+      cloud: false
+      stdout:
+        format: json
+
+custom-responses:
+  - name: appsec-default-web-user-response
+    mode: response-code-only
+    http-response-code: 403

From 256a7501f09cacd7f87967f1d44b158b94d00014 Mon Sep 17 00:00:00 2001
From: clutat <104208687+clutat@users.noreply.github.com>
Date: Mon, 18 Dec 2023 16:34:17 +0100
Subject: [PATCH 3/3] Update docker-compose.yaml - work on initial version

---
 deployment/docker-compose.yaml | 9 +--------
 1 file changed, 1 insertion(+), 8 deletions(-)

diff --git a/deployment/docker-compose.yaml b/deployment/docker-compose.yaml
index a7e7f8e4..b610742f 100644
--- a/deployment/docker-compose.yaml
+++ b/deployment/docker-compose.yaml
@@ -1,5 +1,6 @@
 version: '3.8'
 # docker compose for npm open-appsec integration
+
 services:
   appsec-npm:
     container_name: appsec-npm
@@ -33,11 +34,3 @@ services:
       - ./appsec-logs:/var/log/nano_agent
       - ./appsec-localconfig:/ext/appsec
     command: /cp-nano-agent --standalone
-
-  nginx:
-    container_name: nginx-backend
-    image: nginx:latest
-    ports:
-      - "8080:80"
-    volumes:
-      - ./nginx-deployment:/etc/nginx/conf.d