github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-11-16 17:31:52 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: github_mirrors:1.1.30
Branches Tags
github_mirrors:main github_mirrors:v1beta2-defualt-policy github_mirrors:fix-entry-file-token-arg github_mirrors:09-11-25-dev github_mirrors:docker-stop-issue github_mirrors:update_docker_compose github_mirrors:fix-alpine-ca github_mirrors:Aug_08_2025-Dev github_mirrors:nginx_message_reader_improvements github_mirrors:conf-collector-upload github_mirrors:waf-tag github_mirrors:watchdog github_mirrors:prometheus_support github_mirrors:exception-fix github_mirrors:orianelou-patch-8 github_mirrors:orianelou-issue-tamplates github_mirrors:Mar_17_2025-Dev github_mirrors:docker-upgrade-issue github_mirrors:namspace-crds github_mirrors:Feb_27_2025-Dev github_mirrors:Feb_10_2025-Dev github_mirrors:oriane-23.12.24-adding-new-composes github_mirrors:Jan_12_2025-Dev github_mirrors:orianelou-patch-7 github_mirrors:Dec_29_2024-Dev github_mirrors:Nov_28_2024-Dev github_mirrors:Oct_14_2024-Dev github_mirrors:Sep_17_2024-Dev github_mirrors:Sep_15_2024-Dev github_mirrors:Sep_13_2024-Dev github_mirrors:Sep_11_2024-Dev github_mirrors:Aug_20_2024-Dev github_mirrors:orianelou-patch-6 github_mirrors:orianelou-patch-5 github_mirrors:orianelou-patch-4 github_mirrors:Jul_31_2024-Dev github_mirrors:danielei-hotifx-candidate github_mirrors:orianelou-crds github_mirrors:or github_mirrors:Jul_23_2024-Dev github_mirrors:Jul_04_2024-Dev github_mirrors:Jun_26_2024-Dev github_mirrors:orianelou-new-policy-files github_mirrors:Jun_09_2024-Dev github_mirrors:May_27_2024-Dev github_mirrors:Apr_21_2024-Dev github_mirrors:Apr_14_2024-Dev github_mirrors:Mar_21_2024-Dev github_mirrors:orianelou-patch-3 github_mirrors:WrightNed-patch-1 github_mirrors:Feb_28_2024 github_mirrors:orianelou-patch-apisix github_mirrors:Feb_13_2024 github_mirrors:Feb_06_2024-Dev github_mirrors:Jan_31_2024-Dev github_mirrors:Dec-24-2023 github_mirrors:Dec-12th-2023 github_mirrors:Nov_12_2023-Dev github_mirrors:open_appsec_add_agent_cache_for_rate_limit github_mirrors:orianelou-patch-2 github_mirrors:Sep_24_2023-Dev github_mirrors:Aug_23_2023-Dev github_mirrors:changing_socket_readiness_testing github_mirrors:support-advance-model github_mirrors:Jul_24_23_chart_update github_mirrors:Jul_06_2023-Dev github_mirrors:orianelou-patch-1 github_mirrors:workflow-08_05 github_mirrors:May_11_2023-Dev github_mirrors:crowdsec github_mirrors:Apr_27_2023-Dev github_mirrors:Mar_26_2023-Dev github_mirrors:Mar_13_2023-Dev github_mirrors:Mar_02_2023-Dev github_mirrors:Feb_22_2023-Dev github_mirrors:Feb_15_2023-Dev github_mirrors:Jan_22_2023-Dev github_mirrors:Jan_18_2023-Dev github_mirrors:Jan_16_2023
github_mirrors:1.1.30 github_mirrors:1.1.29 github_mirrors:1.1.27 github_mirrors:1.1.26 github_mirrors:1.1.25 github_mirrors:1.1.24 github_mirrors:1.1.23 github_mirrors:1.1.22 github_mirrors:1.1.21 github_mirrors:1.1.20 github_mirrors:1.1.19 github_mirrors:1.1.18 github_mirrors:1.1.17 github_mirrors:1.1.16 github_mirrors:1.1.15 github_mirrors:1.1.14 github_mirrors:v1.1.3 github_mirrors:1.1.12 github_mirrors:1.1.11 github_mirrors:1.1.10 github_mirrors:1.1.9 github_mirrors:1.1.8 github_mirrors:1.1.7 github_mirrors:1.1.6 github_mirrors:1.1.5 github_mirrors:1.1.4 github_mirrors:1.1.3 github_mirrors:1.1.2 github_mirrors:1.1.0 github_mirrors:1.0.1 github_mirrors:1.0.0 github_mirrors:0.9.1-rc github_mirrors:0.9.0-rc github_mirrors:0.8.0-rc
...
compare: github_mirrors:fix-entry-file-token-arg
Branches Tags
github_mirrors:main github_mirrors:v1beta2-defualt-policy github_mirrors:fix-entry-file-token-arg github_mirrors:09-11-25-dev github_mirrors:docker-stop-issue github_mirrors:update_docker_compose github_mirrors:fix-alpine-ca github_mirrors:Aug_08_2025-Dev github_mirrors:nginx_message_reader_improvements github_mirrors:conf-collector-upload github_mirrors:waf-tag github_mirrors:watchdog github_mirrors:prometheus_support github_mirrors:exception-fix github_mirrors:orianelou-patch-8 github_mirrors:orianelou-issue-tamplates github_mirrors:Mar_17_2025-Dev github_mirrors:docker-upgrade-issue github_mirrors:namspace-crds github_mirrors:Feb_27_2025-Dev github_mirrors:Feb_10_2025-Dev github_mirrors:oriane-23.12.24-adding-new-composes github_mirrors:Jan_12_2025-Dev github_mirrors:orianelou-patch-7 github_mirrors:Dec_29_2024-Dev github_mirrors:Nov_28_2024-Dev github_mirrors:Oct_14_2024-Dev github_mirrors:Sep_17_2024-Dev github_mirrors:Sep_15_2024-Dev github_mirrors:Sep_13_2024-Dev github_mirrors:Sep_11_2024-Dev github_mirrors:Aug_20_2024-Dev github_mirrors:orianelou-patch-6 github_mirrors:orianelou-patch-5 github_mirrors:orianelou-patch-4 github_mirrors:Jul_31_2024-Dev github_mirrors:danielei-hotifx-candidate github_mirrors:orianelou-crds github_mirrors:or github_mirrors:Jul_23_2024-Dev github_mirrors:Jul_04_2024-Dev github_mirrors:Jun_26_2024-Dev github_mirrors:orianelou-new-policy-files github_mirrors:Jun_09_2024-Dev github_mirrors:May_27_2024-Dev github_mirrors:Apr_21_2024-Dev github_mirrors:Apr_14_2024-Dev github_mirrors:Mar_21_2024-Dev github_mirrors:orianelou-patch-3 github_mirrors:WrightNed-patch-1 github_mirrors:Feb_28_2024 github_mirrors:orianelou-patch-apisix github_mirrors:Feb_13_2024 github_mirrors:Feb_06_2024-Dev github_mirrors:Jan_31_2024-Dev github_mirrors:Dec-24-2023 github_mirrors:Dec-12th-2023 github_mirrors:Nov_12_2023-Dev github_mirrors:open_appsec_add_agent_cache_for_rate_limit github_mirrors:orianelou-patch-2 github_mirrors:Sep_24_2023-Dev github_mirrors:Aug_23_2023-Dev github_mirrors:changing_socket_readiness_testing github_mirrors:support-advance-model github_mirrors:Jul_24_23_chart_update github_mirrors:Jul_06_2023-Dev github_mirrors:orianelou-patch-1 github_mirrors:workflow-08_05 github_mirrors:May_11_2023-Dev github_mirrors:crowdsec github_mirrors:Apr_27_2023-Dev github_mirrors:Mar_26_2023-Dev github_mirrors:Mar_13_2023-Dev github_mirrors:Mar_02_2023-Dev github_mirrors:Feb_22_2023-Dev github_mirrors:Feb_15_2023-Dev github_mirrors:Jan_22_2023-Dev github_mirrors:Jan_18_2023-Dev github_mirrors:Jan_16_2023
github_mirrors:1.1.30 github_mirrors:1.1.29 github_mirrors:1.1.27 github_mirrors:1.1.26 github_mirrors:1.1.25 github_mirrors:1.1.24 github_mirrors:1.1.23 github_mirrors:1.1.22 github_mirrors:1.1.21 github_mirrors:1.1.20 github_mirrors:1.1.19 github_mirrors:1.1.18 github_mirrors:1.1.17 github_mirrors:1.1.16 github_mirrors:1.1.15 github_mirrors:1.1.14 github_mirrors:v1.1.3 github_mirrors:1.1.12 github_mirrors:1.1.11 github_mirrors:1.1.10 github_mirrors:1.1.9 github_mirrors:1.1.8 github_mirrors:1.1.7 github_mirrors:1.1.6 github_mirrors:1.1.5 github_mirrors:1.1.4 github_mirrors:1.1.3 github_mirrors:1.1.2 github_mirrors:1.1.0 github_mirrors:1.0.1 github_mirrors:1.0.0 github_mirrors:0.9.1-rc github_mirrors:0.9.0-rc github_mirrors:0.8.0-rc

6 Commits
1.1.30 ... fix-entry-

Author SHA1 Message Date
orenshor
a72025bc94 fix only essential qoutes 2025-11-12 09:51:45 +02:00
orenshor
9e79e65e25 Fix agent token argument issue 2025-11-11 13:58:50 +02:00
Daniel-Eisenberg
c90862d74c Docker stop issue (#366) 
* fix image entrypoint sigterm

* fix image entrypoint sigterm

---------

Co-authored-by: avigailo <avigailo@checkpoint.com>
 2025-11-06 10:53:49 +02:00
Daniel-Eisenberg
b7923dfd8c update PostgreSQL configuration in deployment files (#365) 
- Change PostgreSQL volume mount from /var/lib/postgresql/data to /var/lib/postgresql
  This allows PostgreSQL to manage the data directory structure internally

- Add PostgreSQL version configuration variable to all docker-compose files:
  * POSTGRES_VERSION for deployment/nginx
  * APPSEC_POSTGRES_VERSION for all deployment/docker-compose variants

- Update PostgreSQL image tag to use version variable (set to version 18)
  Changed from 'postgres' to 'postgres:' or 'postgres:'

- Add PostgreSQL version variable to all .env files with default value of 18

Co-authored-by: Nahum Perman <nahump@checkpoint.com>
 2025-10-28 14:58:21 +02:00
Daniel-Eisenberg
ed4e20b010 Update open-appsec-k8s-default-config-v1beta1.yaml 2025-10-21 17:40:08 +03:00
Daniel-Eisenberg
14159402e2 Update open-appsec-k8s-prevent-config-v1beta1.yaml 2025-10-21 17:39:48 +03:00
23 changed files with 58 additions and 33 deletions
Expand all files Collapse all files

33
build_system/docker/entry.sh
View File

@@ -15,13 +15,28 @@ var_mode=
var_token= var_token=
var_ignore= var_ignore=
init= init=
active_watchdog_pid=
cleanup() {
local signal="$1"
echo "[$(date '+%Y-%m-%d %H:%M:%S')] Signal ${signal} was received, exiting gracefully..." >&2
if [ -n "${active_watchdog_pid}" ] && ps -p ${active_watchdog_pid} > /dev/null 2>&1; then
kill -TERM ${active_watchdog_pid} 2>/dev/null || true
wait ${active_watchdog_pid} 2>/dev/null || true
fi
echo "Cleanup completed. Exiting now." >&2
exit 0
}
trap 'cleanup SIGTERM' SIGTERM
trap 'cleanup SIGINT' SIGINT
if [ ! -f /nano-service-installers/$ORCHESTRATION_INSTALLATION_SCRIPT ]; then if [ ! -f /nano-service-installers/$ORCHESTRATION_INSTALLATION_SCRIPT ]; then
echo "Error: agent installation package doesn't exist." echo "Error: agent installation package doesn't exist."
exit 1 exit 1
fi fi
if [ -z $1 ]; then if [ -z "$1" ]; then
var_mode="--hybrid_mode" var_mode="--hybrid_mode"
fi fi
@@ -45,30 +60,30 @@ while true; do
shift shift
done done
if [ -z $var_token ] && [ $var_mode != "--hybrid_mode" ]; then if [ -z "$var_token" ] && [ "$var_mode" != "--hybrid_mode" ]; then
var_token=$(env | grep 'AGENT_TOKEN=' | cut -d'=' -f2-) var_token=$(env | grep 'AGENT_TOKEN=' | cut -d'=' -f2-)
if [ -z $var_token ]; then if [ -z "$var_token" ]; then
echo "Error: Token was not provided as input argument." echo "Error: Token was not provided as input argument."
exit 1 exit 1
fi fi
fi fi
orchestration_service_installation_flags="--container_mode --skip_registration" orchestration_service_installation_flags="--container_mode --skip_registration"
if [ ! -z $var_token ]; then if [ -n "$var_token" ]; then
export AGENT_TOKEN="$var_token" export AGENT_TOKEN="$var_token"
orchestration_service_installation_flags="$orchestration_service_installation_flags --token $var_token" orchestration_service_installation_flags="$orchestration_service_installation_flags --token $var_token"
fi fi
if [ ! -z $var_fog_address ]; then if [ -n "$var_fog_address" ]; then
orchestration_service_installation_flags="$orchestration_service_installation_flags --fog $var_fog_address" orchestration_service_installation_flags="$orchestration_service_installation_flags --fog $var_fog_address"
fi fi
if [ ! -z $var_proxy ]; then if [ -n "$var_proxy" ]; then
orchestration_service_installation_flags="$orchestration_service_installation_flags --proxy $var_proxy" orchestration_service_installation_flags="$orchestration_service_installation_flags --proxy $var_proxy"
fi fi
if [ ! -z $var_mode ]; then if [ -n "$var_mode" ]; then
orchestration_service_installation_flags="$orchestration_service_installation_flags $var_mode" orchestration_service_installation_flags="$orchestration_service_installation_flags $var_mode"
fi fi
if [ ! -z "$var_ignore" ]; then if [ -n "$var_ignore" ]; then
orchestration_service_installation_flags="$orchestration_service_installation_flags $var_ignore" orchestration_service_installation_flags="$orchestration_service_installation_flags $var_ignore"
fi fi
@@ -99,7 +114,7 @@ fi
# use advanced model if exist as data for agent # use advanced model if exist as data for agent
FILE=/advanced-model/open-appsec-advanced-model.tgz FILE=/advanced-model/open-appsec-advanced-model.tgz
if [ -f "$FILE" ]; then if [ -f "$FILE" ]; then
tar -xzvf $FILE -C /etc/cp/conf/waap tar -xzvf "$FILE" -C /etc/cp/conf/waap
fi fi
touch /etc/cp/watchdog/wd.startup touch /etc/cp/watchdog/wd.startup

4
config/k8s/v1beta1/open-appsec-k8s-default-config-v1beta1.yaml
View File

@@ -40,7 +40,7 @@ spec:
stdout: stdout:
format: json format: json
cef-service: [] cef-service: []
-- ---
apiVersion: openappsec.io/v1beta1 apiVersion: openappsec.io/v1beta1
kind: Practice kind: Practice
metadata: metadata:
@@ -56,7 +56,7 @@ spec:
web-attacks: web-attacks:
minimum-confidence: high minimum-confidence: high
override-mode: detect-learn override-mode: detect-learn
-- ---
apiVersion: openappsec.io/v1beta1 apiVersion: openappsec.io/v1beta1
kind: CustomResponse kind: CustomResponse
metadata: metadata:

4
config/k8s/v1beta1/open-appsec-k8s-prevent-config-v1beta1.yaml
View File

@@ -40,7 +40,7 @@ spec:
stdout: stdout:
format: json format: json
cef-service: [] cef-service: []
-- ---
apiVersion: openappsec.io/v1beta1 apiVersion: openappsec.io/v1beta1
kind: Practice kind: Practice
metadata: metadata:
@@ -56,7 +56,7 @@ spec:
web-attacks: web-attacks:
minimum-confidence: high minimum-confidence: high
override-mode: prevent-learn override-mode: prevent-learn
-- ---
apiVersion: openappsec.io/v1beta1 apiVersion: openappsec.io/v1beta1
kind: CustomResponse kind: CustomResponse
metadata: metadata:

1
deployment/docker-compose/apisix/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid apisix configuration for APISIX in standalone mode in the following file: ## Make sure to have a valid apisix configuration for APISIX in standalone mode in the following file:
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/apisix/docker-compose.yaml
View File

@@ -103,14 +103,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: always restart: always
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/envoy/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid envoy.yaml Envoy configuration file present in the path below. ## Make sure to have a valid envoy.yaml Envoy configuration file present in the path below.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/envoy/docker-compose.yaml
View File

@@ -109,14 +109,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/kong-lua-plugin/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG. ## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/kong-lua-plugin/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/kong/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG. ## Make sure to have a valid Kong declarative configuration file kong.yaml in the folder specified for KONG_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/kong/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-proxy-manager-centrally-managed/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
# Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file # Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file
NPM_DATA=./data NPM_DATA=./data

4
deployment/docker-compose/nginx-proxy-manager-centrally-managed/docker-compose.yaml
View File

@@ -103,14 +103,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-proxy-manager/.env
View File

@@ -21,6 +21,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
# Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file # Volume mounts for NGINX Proxy Manager have been moved here as well allowing configuration via .env file
NPM_DATA=./data NPM_DATA=./data

4
deployment/docker-compose/nginx-proxy-manager/docker-compose.yaml
View File

@@ -106,14 +106,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx-unified/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG. ## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/nginx-unified/docker-compose.yaml
View File

@@ -96,14 +96,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/nginx/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG. ## Make sure to have a valid NGINX configuration file default.conf in the folder specified for NGINX_CONFIG.
## For deployment of a simple lab testing environment, you can deploy the example configuration provided ## For deployment of a simple lab testing environment, you can deploy the example configuration provided

4
deployment/docker-compose/nginx/docker-compose.yaml
View File

@@ -108,14 +108,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/docker-compose/swag/.env
View File

@@ -23,6 +23,7 @@ APPSEC_DB_PASSWORD=pass
APPSEC_DB_USER=postgres APPSEC_DB_USER=postgres
APPSEC_DB_HOST=appsec-db APPSEC_DB_HOST=appsec-db
APPSEC_POSTGRES_STORAGE=./appsec-postgres-data APPSEC_POSTGRES_STORAGE=./appsec-postgres-data
APPSEC_POSTGRES_VERSION=18
## Most relevant SWAG parameters have been moved here as well allowing configuration via .env file ## Most relevant SWAG parameters have been moved here as well allowing configuration via .env file
SWAG_CONFIG=./swag-config SWAG_CONFIG=./swag-config

4
deployment/docker-compose/swag/docker-compose.yaml
View File

@@ -117,14 +117,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${APPSEC_POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: unless-stopped restart: unless-stopped
environment: environment:
- POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD} - POSTGRES_PASSWORD=${APPSEC_DB_PASSWORD}
- POSTGRES_USER=${APPSEC_DB_USER} - POSTGRES_USER=${APPSEC_DB_USER}
volumes: volumes:
- ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql/data - ${APPSEC_POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
juiceshop-backend: juiceshop-backend:

1
deployment/nginx/.env
View File

@@ -15,6 +15,7 @@ USER_EMAIL=user@email.com
DB_PASSWORD=pass DB_PASSWORD=pass
DB_USER=postgres DB_USER=postgres
DB_HOST=appsec-db DB_HOST=appsec-db
POSTGRES_VERSION=18
POSTGRES_STORAGE=./postgres-data POSTGRES_STORAGE=./postgres-data
NGINX_CONF_DIR=./nginx-proxy-config NGINX_CONF_DIR=./nginx-proxy-config

4
deployment/nginx/docker-compose.yaml
View File

@@ -81,14 +81,14 @@ services:
appsec-db: appsec-db:
profiles: profiles:
- standalone - standalone
image: postgres image: postgres:${POSTGRES_VERSION}
container_name: appsec-db container_name: appsec-db
restart: always restart: always
environment: environment:
- POSTGRES_PASSWORD=${DB_PASSWORD} - POSTGRES_PASSWORD=${DB_PASSWORD}
- POSTGRES_USER=${DB_USER} - POSTGRES_USER=${DB_USER}
volumes: volumes:
- ${POSTGRES_STORAGE}:/var/lib/postgresql/data - ${POSTGRES_STORAGE}:/var/lib/postgresql
## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV) ## example juice-shop backend container (vulnerable webserver, USE ONLY FOR TESTING AND IN LAB ENV)
## ##