From c9095acbeff2c8b7c06756f2d4021a0d1f5a5b36 Mon Sep 17 00:00:00 2001
From: orianelou <126462046+orianelou@users.noreply.github.com>
Date: Mon, 20 Jan 2025 14:29:39 +0200
Subject: [PATCH] Create .env

---
 deployment/docker-compose/kong/.env | 54 +++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)
 create mode 100644 deployment/docker-compose/kong/.env

diff --git a/deployment/docker-compose/kong/.env b/deployment/docker-compose/kong/.env
new file mode 100644
index 0000000..297335b
--- /dev/null
+++ b/deployment/docker-compose/kong/.env
@@ -0,0 +1,54 @@
+## .env file for docker-compose deployments of open-appsec integrated with NGINX
+## for more info see https://docs.openappsec.io
+
+APPSEC_VERSION=latest
+APPSEC_CONFIG=./appsec-config
+APPSEC_DATA=./appsec-data
+APPSEC_LOGS=./appsec-logs
+APPSEC_LOCALCONFIG=./appsec-localconfig
+
+## Make sure the parameter APPSEC_AUTO_POLICY_LOAD is set to false when centrally managing
+## open-appsec configuration via open-appsec Web UI.
+## You can optionally set it to true when using local, declarative management for open-appsec,
+## declarative configuration will then get applied automatically when changed.
+APPSEC_AUTO_POLICY_LOAD=false
+
+## Example for configuring HTTPS Proxy:
+## APPSEC_HTTPS_PROXY=user:password@proxy_address:port
+APPSEC_HTTPS_PROXY=
+
+APPSEC_SMART_SYNC_STORAGE=./appsec-smartsync-storage
+APPSEC_USER_EMAIL=user@email.com
+APPSEC_DB_PASSWORD=pass
+APPSEC_DB_USER=postgres
+APPSEC_DB_HOST=appsec-db
+APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
+
+## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG.
+## For deployment of a simple lab testing environment, you can deploy the example configuration provided
+## for the vulnerable juice-shop container, see instructions further below.
+NGINX_CONFIG=./nginx-config
+
+## To connect your deployment to central open-appsec WebUI provide the token for a profile
+## which you created in open-appsec WebUI at https://my.openappsec.io
+## Example: APPSEC_AGENT_TOKEN=111-22222-111
+APPSEC_AGENT_TOKEN=
+
+## Important: When not providing token for connection to central WebUI:
+## Make sure to add the value "standalone" to the COMPOSE_PROFILES value, this will enable
+## sharing of learning between processes and allow you to perform tuning locally on CLI
+COMPOSE_PROFILES=
+
+## JUICE SHOP DEMO CONTAINER:
+## In order to deploy the optional, additional, vulnerable juiceshop container (for demo and testing purposes only!):
+## Add the value "juiceshop" to the COMPOSE_PROFILES value above.
+
+## Make sure to also adjust the nginx.conf file in NGINX_CONFIG folder
+## to include a proxy_pass directive forwarding external traffic on e.g. port 80 to the juiceshop-backend container
+## you can use the example file available here:
+## https://raw.githubusercontent.com/openappsec/openappsec/examples/juiceshop/nginx/default.conf
+## place the file above in NGINX_CONFIG folder
+## note that juiceshop container listens on HTTP port 3000 by default
+
+## Note that COMPOSE_PROFILES can also receive multiple values, e.g. as shown here:
+## COMPOSE_PROFILES=standalone,juiceshop