ThatGuyJack/nginx-proxy-manager
1
0
Fork 0
mirror of https://github.com/NginxProxyManager/nginx-proxy-manager.git synced 2025-08-03 16:03:38 +00:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

disable appsec by default because of https://github.com/crowdsecurity/lua-cs-bouncer/issues/63

Browse Source
This commit is contained in:
Zoey
2024-02-11 12:12:35 +01:00
parent e9421dd5f9
commit d4d9fad9b3
2 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
Dockerfile
View File

@@ -48,10 +48,11 @@ RUN apk add --no-cache ca-certificates git build-base && \
sed -i "s|API_URL=.*|API_URL=http://127.0.0.1:8080|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \ sed -i "s|API_URL=.*|API_URL=http://127.0.0.1:8080|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
sed -i "s|BAN_TEMPLATE_PATH=.*|BAN_TEMPLATE_PATH=/data/etc/crowdsec/ban.html|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \ sed -i "s|BAN_TEMPLATE_PATH=.*|BAN_TEMPLATE_PATH=/data/etc/crowdsec/ban.html|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
sed -i "s|CAPTCHA_TEMPLATE_PATH=.*|CAPTCHA_TEMPLATE_PATH=/data/etc/crowdsec/captcha.html|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \ sed -i "s|CAPTCHA_TEMPLATE_PATH=.*|CAPTCHA_TEMPLATE_PATH=/data/etc/crowdsec/captcha.html|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
echo "APPSEC_URL=http://127.0.0.1:7422" | tee -a /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \ echo "#APPSEC_URL=http://127.0.0.1:7422 # see https://github.com/crowdsecurity/lua-cs-bouncer/issues/63" | tee -a /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
echo "APPSEC_FAILURE_ACTION=deny" | tee -a /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf echo "#APPSEC_FAILURE_ACTION=deny # see https://github.com/crowdsecurity/lua-cs-bouncer/issues/63" | tee -a /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf && \
sed -i "s|BOUNCING_ON_TYPE=all|BOUNCING_ON_TYPE=ban|g" /src/crowdsec-nginx-bouncer/lua-mod/config_example.conf
FROM zoeyvid/nginx-quic:256 FROM zoeyvid/nginx-quic:257
SHELL ["/bin/ash", "-eo", "pipefail", "-c"] SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
ARG CRS_VER=v4.0/dev ARG CRS_VER=v4.0/dev

5
README.md
View File

@@ -106,7 +106,7 @@ so that the barrier for entry here is low.
1. Install crowdsec using this compose file: https://github.com/ZoeyVid/NPMplus/blob/develop/compose.crowdsec.yaml 1. Install crowdsec using this compose file: https://github.com/ZoeyVid/NPMplus/blob/develop/compose.crowdsec.yaml
2. open `/opt/crowdsec/conf/acquis.d/appsec.yaml` and fill it with: 2. open `/opt/crowdsec/conf/acquis.d/appsec.yaml` and fill it with:
```yaml ```yaml
listen_addr: 127.0.0.1:7422 listen_addr: 0.0.0.0:7422
appsec_config: crowdsecurity/virtual-patching appsec_config: crowdsecurity/virtual-patching
name: myAppSecComponent name: myAppSecComponent
source: appsec source: appsec
@@ -138,7 +138,8 @@ labels:
7. set `ENABLED` to `true` 7. set `ENABLED` to `true`
8. use the output of step 5 as `API_KEY` 8. use the output of step 5 as `API_KEY`
9. save the file 9. save the file
10. restart the npm 10. set LOGROTATE to `true` in your `compose.yaml
11. redeploy the `compose.yaml`
# Use as webserver # Use as webserver