Makussu/bunkerweb
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

linux/docker - common /opt/bunkerized-nginx folder

Browse Source
This commit is contained in:
bunkerity
2021-06-21 14:56:48 +02:00
parent bbb5134a39
commit 1e02368e8a
24 changed files with 236 additions and 97 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
confs/site/modsecurity-rules.conf
View File

@@ -58,11 +58,11 @@ SecAuditLog /var/log/nginx/modsec_audit.log
include /opt/bunkerized-nginx/crs-setup.conf
# custom CRS configurations before loading rules (exclusions)
{% if is_custom_conf("/modsec-crs-confs") %}
include /modsec-crs-confs/*.conf
{% if is_custom_conf("/opt/bunkerized-nginx/modsec-crs-confs") %}
include /opt/bunkerized-nginx/modsec-crs-confs/*.conf
{% endif %}
{% if MULTISITE == "yes" and is_custom_conf("/modsec-crs-confs/" + FIRST_SERVER) %}
include /modsec-crs-confs/{{ FIRST_SERVER }}/*.conf
{% if MULTISITE == "yes" and is_custom_conf("/opt/bunkerized-nginx/modsec-crs-confs/" + FIRST_SERVER) %}
include /opt/bunkerized-nginx/modsec-crs-confs/{{ FIRST_SERVER }}/*.conf
{% endif %}
# include OWASP CRS rules
@@ -70,9 +70,9 @@ include /opt/bunkerized-nginx/crs/*.conf
{% endif %}
# custom rules after loading the CRS
{% if is_custom_conf("/modsec-confs") %}
include /modsec-confs/*.conf
{% if is_custom_conf("/opt/bunkerized-nginx/modsec-confs") %}
include /opt/bunkerized-nginx/modsec-confs/*.conf
{% endif %}
{% if MULTISITE == "yes" and is_custom_conf("/modsec-confs/" + FIRST_SERVER) %}
include /modsec-confs/{{ FIRST_SERVER }}/*.conf
{% if MULTISITE == "yes" and is_custom_conf("/opt/bunkerized-nginx/modsec-confs/" + FIRST_SERVER) %}
include /opt/bunkerized-nginx/modsec-confs/{{ FIRST_SERVER }}/*.conf
{% endif %}

8
confs/site/server.conf
View File

@@ -1,7 +1,7 @@
# custom config before server block
include /pre-server-confs/*.conf;
include /opt/bunkerized-nginx/pre-server-confs/*.conf;
{% if MULTISITE == "yes" %}
include /pre-server-confs/{{ FIRST_SERVER }}/*.conf;
include /opt/bunkerized-nginx/pre-server-confs/{{ FIRST_SERVER }}/*.conf;
{% endif %}
server {
@@ -12,9 +12,9 @@ server {
{% endif %}
# custom config
include /server-confs/*.conf;
include /opt/bunkerized-nginx/server-confs/*.conf;
{% if MULTISITE == "yes" %}
include /server-confs/{{ FIRST_SERVER }}/*.conf;
include /opt/bunkerized-nginx/server-confs/{{ FIRST_SERVER }}/*.conf;
{% endif %}
# proxy real IP