librewolf
/
bunkerized-nginx
mirror of https://github.com/bunkerity/bunkerized-nginx
4
0
Fork 1
Code Issues Projects Releases Wiki Activity

fix nextcloud modsec rule id, fix k8s pvc definition and remove useless logs from linux/start.sh

This commit is contained in:
bunkerity 2023-03-29 10:45:44 +02:00
parent e50c92250b
commit 2d11a1c728
5 changed files with 5 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
examples/nextcloud/autoconf.yml
View File

@ -54,7 +54,7 @@ services:
setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'"
- |
bunkerweb.CUSTOM_CONF_MODSEC_nextcloud=
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
mydb:

2
examples/nextcloud/bw-data/configs/modsec/nextcloud.conf
View File

@ -1 +1 @@
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"

2
examples/nextcloud/docker-compose.yml
View File

@ -45,7 +45,7 @@ services:
setvar:'tx.allowed_methods=GET POST HEAD COPY DELETE LOCK MKCOL MOVE PROPFIND PROPPATCH PUT UNLOCK OPTIONS'"
- |
CUSTOM_CONF_MODSEC_nextcloud=
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:2000,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
SecRule REQUEST_FILENAME "@rx ^/remote.php/dav/files/" "id:1,ctl:ruleRemoveByTag=attack-protocol,ctl:ruleRemoveByTag=attack-generic,nolog"
labels:
- "bunkerweb.INSTANCE" # required for the scheduler to recognize the container
networks:

2
misc/integrations/k8s.mariadb.yml
View File

@ -262,5 +262,3 @@ spec:
resources:
requests:
storage: 5Gi
storageClassName: ""
volumeName: pv-bunkerweb

4
src/linux/scripts/start.sh
View File

@ -16,7 +16,7 @@ function display_help() {
}
function stop_nginx() {
pgrep nginx
pgrep nginx > /dev/null 2>&1
if [ $? -eq 0 ] ; then
log "SYSTEMCTL" " " "Stopping nginx..."
nginx -s stop
@ -26,7 +26,7 @@ function stop_nginx() {
fi
count=0
while [ 1 ] ; do
pgrep nginx
pgrep nginx > /dev/null 2>&1
if [ $? -ne 0 ] ; then
break
fi