github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-11-15 17:02:15 +03:00
Code Issues Packages Projects Releases Wiki Activity

update PostgreSQL configuration in deployment files

Browse Source 
- Change PostgreSQL volume mount from /var/lib/postgresql/data to /var/lib/postgresql
  This allows PostgreSQL to manage the data directory structure internally

- Add PostgreSQL version configuration variable to all docker-compose files:
  * POSTGRES_VERSION for deployment/nginx
  * APPSEC_POSTGRES_VERSION for all deployment/docker-compose variants

- Update PostgreSQL image tag to use version variable (set to version 18)
  Changed from 'postgres' to 'postgres:' or 'postgres:'

- Add PostgreSQL version variable to all .env files with default value of 18
This commit is contained in:
Nahum Perman
2025-10-28 14:37:24 +02:00
parent ed4e20b010
commit d9e6b00070
20 changed files with 30 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
deployment/docker-compose/apisix/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid apisix configuration for APISIX in standalone mode in the following file: ## Make sure to have a valid apisix configuration for APISIX in standalone mode in the following file:
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/apisix/docker-compose.yaml
View File

@@ -103,14 +103,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: always restart: always
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/envoy/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid envoy.yaml Envoy configuration file present in the path below. ## Make sure to have a valid envoy.yaml Envoy configuration file present in the path below.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/envoy/docker-compose.yaml
View File

@@ -109,14 +109,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/kong-lua-plugin/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG. ## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/kong-lua-plugin/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/kong/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG. ## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/kong/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-proxy-manager-centrally-managed/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
# Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file # Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file
NPM_DATA=./data NPM_DATA=./data

4
deployment/docker-compose/nginx-proxy-manager-centrally-managed/docker-compose.yaml
View File

@@ -103,14 +103,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-proxy-manager/.env
View File

@@ -21,6 +21,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
# Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file # Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file
NPM_DATA=./data NPM_DATA=./data

4
deployment/docker-compose/nginx-proxy-manager/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-unified/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG. ## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/nginx-unified/docker-compose.yaml
View File

@@ -96,14 +96,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG. ## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/nginx/docker-compose.yaml
View File

@@ -108,14 +108,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/swag/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Most relevant SWAG parameters have been moved here as well allowing configuration via .env file ## Most relevant SWAG parameters have been moved here as well allowing configuration via .env file
SWAG_CONFIG=./swag-config SWAG_CONFIG=./swag-config

4
deployment/docker-compose/swag/docker-compose.yaml
View File

@@ -117,14 +117,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/nginx/.env
View File

@@ -15,6 +15,7 @@ USER_EMAIL=user@email.com
DB_PASSWORD=pass DB_PASSWORD=pass
DB_USER=postgres DB_USER=postgres
DB_HOST=appsec-db DB_HOST=appsec-db
POSTGRES_VERSION=18
POSTGRES_STORAGE=./postgres-data POSTGRES_STORAGE=./postgres-data
NGINX_CONF_DIR=./nginx-proxy-config NGINX_CONF_DIR=./nginx-proxy-config

4
deployment/nginx/docker-compose.yaml
View File

@@ -81,14 +81,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: always restart: always
environment: environment:
- POSTGRES_PASSWORD=${DB_PASSWORD} - POSTGRES_PASSWORD=${DB_PASSWORD}
- POSTGRES_USER=${DB_USER} - POSTGRES_USER=${DB_USER}
volumes: volumes:
- ${POSTGRES_STORAGE}:/var/lib/postgresql/data - ${POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
## ##