diff --git a/ui/config.json b/ui/config.json index 11a6695..b629eac 100644 --- a/ui/config.json +++ b/ui/config.json @@ -7,28 +7,32 @@ "label":"Server name", "env":"SERVER_NAME", "regex":"^([a-z\\-0-9]+\\.?)+$", - "id":"server-name" + "id":"server-name", + "default":"www.bunkerity.com" }, { "type":"text", "label":"Max client size", "env":"MAX_CLIENT_SIZE", "regex":"^[0-9]+(k|K|m|M|g|G)?$", - "id":"max-client-size" + "id":"max-client-size", + "default":"10m" }, { "type":"text", "label":"Allowed methods", "env":"ALLOWED_METHODS", "regex":"^((GET|POST|HEAD|PUT|DELETE|CONNECT|OPTIONS|TRACE)\\|?)+$", - "id":"allowed-methods" + "id":"allowed-methods", + "default":"GET|POST|HEAD" }, { "type":"checkbox", "label":"Serve files", "env":"SERVE_FILES", "regex":"^(yes|no)$", - "id":"serve-files" + "id":"serve-files", + "default":"yes" } ] }, @@ -40,7 +44,8 @@ "label":"Remove headers", "env":"REMOVE_HEADERS", "regex":"^([A-Za-z0-9\\-] ?)*$", - "id":"remove-headers" + "id":"remove-headers", + "default":"Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version" } ] }, @@ -52,35 +57,40 @@ "label":"Use auth basic", "env":"USE_AUTH_BASIC", "regex":"^(yes|no)$", - "id":"use-auth-basic" + "id":"use-auth-basic", + "default":"no" }, { "type":"text", "label":"Auth basic location", "env":"AUTH_BASIC_LOCATION", "regex":"^(sitewide|/[A-Za-z0-9/]*)$", - "id":"auth-basic-location" + "id":"auth-basic-location", + "default":"sitewide" }, { "type":"text", "label":"Auth basic user", "env":"AUTH_BASIC_USER", "regex":"^([A-Za-z0-9\\-_]+)$", - "id":"auth-basic-user" + "id":"auth-basic-user", + "default":"changeme" }, { "type":"text", "label":"Auth basic password", "env":"AUTH_BASIC_PASSWORD", "regex":"^([\\S]+)$", - "id":"auth-basic-password" + "id":"auth-basic-password", + "default":"changeme" }, { "type":"text", "label":"Auth basic text", "regex":"^([\\S ]+)$", "env":"AUTH_BASIC_TEXT", - "id":"auth-basic-text" + "id":"auth-basic-text", + "default":"Restricted area" } ] }, @@ -92,56 +102,64 @@ "label":"Use reverse proxy", "env":"USE_REVERSE_PROXY", "regex":"^(yes|no)$", - "id":"use-reverse-proxy" + "id":"use-reverse-proxy", + "default":"no" }, { "type":"text", "label":"Reverse proxy url", "env":"REVERSE_PROXY_URL", "regex":".*", - "id":"reverse-proxy-url" + "id":"reverse-proxy-url", + "default":"" }, { "type":"text", "label":"Reverse proxy host", "env":"REVERSE_PROXY_HOST", "regex":".*", - "id":"reverse-proxy-host" + "id":"reverse-proxy-host", + "default":"" }, { "type":"checkbox", "label":"Reverse proxy ws", "env":"REVERSE_PROXY_WS", "regex":"^(yes|no)$", - "id":"reverse-proxy-ws" + "id":"reverse-proxy-ws", + "default":"" }, { "type":"checkbox", "label":"Proxy real ip", "env":"PROXY_REAL_IP", "regex":"^(yes|no)$", - "id":"proxy-real-ip" + "id":"proxy-real-ip", + "default":"no" }, { "type":"text", "label":"Proxy real ip from", "env":"PROXY_REAL_IP_FROM", "regex":"^(\\d+.\\d+.\\d+.\\d+(/\\d+)? ?)*$", - "id":"proxy-real-ip-from" + "id":"proxy-real-ip-from", + "default":"192.168.0.0/16 172.16.0.0/12 10.0.0.0/8" }, { "type":"text", "label":"Proxy real ip header", "env":"PROXY_REAL_IP_HEADER", "regex":"^([A-Za-z0-9\\-])+$", - "id":"proxy-real-ip-header" + "id":"proxy-real-ip-header", + "default":"X-Forwarded-For" }, { "type":"text", "label":"Proxy real ip recursive", "env":"PROXY_REAL_IP_RECURSIVE", "regex":"^(on|off)$", - "id":"proxy-real-ip-recursive" + "id":"proxy-real-ip-recursive", + "default":"on" } ] }, @@ -153,56 +171,64 @@ "label":"Use gzip", "env":"USE_GZIP", "regex":"^(yes|no)$", - "id":"use-gzip" + "id":"use-gzip", + "default":"no" }, { "type":"text", "label":"Gzip comp level", "env":"GZIP_COMP_LEVEL", "regex":"^[1-9]$", - "id":"gzip-comp-level" + "id":"gzip-comp-level", + "default":"5" }, { "type":"text", "label":"Gzip min length", "env":"GZIP_MIN_LENGTH", "regex":"^[0-9]+$", - "id":"gzip-min-length" + "id":"gzip-min-length", + "default":"1000" }, { "type":"text", "label":"Gzip types", "env":"GZIP_TYPES", "regex":"^([a-z/\\+\\-\\.] ?)*$", - "id":"gzip-types" + "id":"gzip-types", + "default":"application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml" }, { "type":"checkbox", "label":"Use brotli", "env":"USE_BROTLI", "regex":"^(yes|no)$", - "id":"use-brotli" + "id":"use-brotli", + "default":"no" }, { "type":"text", "label":"Brotli comp level", "env":"BROTLI_COMP_LEVEL", "regex":"^[1-9]$", - "id":"brotli-comp-level" + "id":"brotli-comp-level", + "default":"6" }, { "type":"text", "label":"Brotli min length", "env":"BROTLI_MIN_LENGTH", "regex":"^[0-9]+$", - "id":"brotli-min-length" + "id":"brotli-min-length", + "default":"1000" }, { "type":"text", "label":"Brotli types", "env":"BROTLI_TYPES", "regex":"^([a-z/\\+\\-\\.] ?)*$", - "id":"brotli-types" + "id":"brotli-types", + "default":"application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml" } ] }, @@ -214,126 +240,144 @@ "label":"Use client cache", "env":"USE_CLIENT_CACHE", "regex":"^(yes|no)$", - "id":"use-client-cache" + "id":"use-client-cache", + "default":"no" }, { "type":"text", "label":"Client cache extensions", "env":"CLIENT_CACHE_EXTENSIONS", "regex":"^([a-z0-9]\\|?)*$", - "id":"client-cache-extensions" + "id":"client-cache-extensions", + "default":"jpg|jpeg|png|bmp|ico|svg|tif|css|js|otf|ttf|eot|woff|woff2" }, { "type":"text", "label":"Client cache control", "env":"CLIENT_CACHE_CONTROL", "regex":"^([\\S ]*)$", - "id":"client-cache-control" + "id":"client-cache-control", + "default":"public, max-age=15552000" }, { "type":"text", "label":"Client cache etag", "env":"CLIENT_CACHE_ETAG", "regex":"^(on|off)$", - "id":"client-cache-etag" + "id":"client-cache-etag", + "default":"on" }, { "type":"checkbox", "label":"Use open file cache", "env":"USE_OPEN_FILE_CACHE", "regex":"^(yes|no)$", - "id":"use-open-file-cache" + "id":"use-open-file-cache", + "default":"no" }, { "type":"text", "label":"Open file cache", "env":"OPEN_FILE_CACHE", "regex":"^([\\S ]*)$", - "id":"open-file-cache" + "id":"open-file-cache", + "default":"max=1000 inactive=20s" }, { "type":"text", "label":"Open file cache errors", "env":"OPEN_FILE_CACHE_ERRORS", "regex":"^(on|off)$", - "id":"open-file-cache-errors" + "id":"open-file-cache-errors", + "default":"on" }, { "type":"text", "label":"Open file cache min uses", "env":"OPEN_FILE_CACHE_MIN_USES", "regex":"^([1-9]+)$", - "id":"open-file-cache-min-uses" + "id":"open-file-cache-min-uses", + "default":"2" }, { "type":"text", "label":"Open file cache valid", "env":"OPEN_FILE_CACHE_VALID", "regex":"^\\d+(ms|s|m|h|d|w|M|y)$", - "id":"open-file-cache-valid" + "id":"open-file-cache-valid", + "default":"30s" }, { "type":"checkbox", "label":"Use proxy cache", "env":"USE_PROXY_CACHE", "regex":"^(yes|no)$", - "id":"use-proxy-cache" + "id":"use-proxy-cache", + "default":"no" }, { "type":"text", "label":"Proxy cache path zone size", "env":"PROXY_CACHE_PATH_ZONE_SIZE", "regex":"^[0-9]+(k|K|m|M|g|G)?$", - "id":"proxy-cache-path-zone-size" + "id":"proxy-cache-path-zone-size", + "default":"10m" }, { "type":"text", "label":"Proxy cache path params", "env":"PROXY_CACHE_PATH_PARAMS", "regex":"^([\\S ]*)$", - "id":"proxy-cache-path-params" + "id":"proxy-cache-path-params", + "default":"max_size=100m" }, { "type":"text", "label":"Proxy cache methods", "env":"PROXY_CACHE_METHODS", "regex":"^((GET|POST|HEAD|PUT|DELETE|CONNECT|OPTIONS|TRACE) ?)+$", - "id":"proxy-cache-methods" + "id":"proxy-cache-methods", + "default":"GET HEAD" }, { "type":"text", "label":"Proxy cache min uses", "env":"PROXY_CACHE_MIN_USES", "regex":"^([1-9]+)$", - "id":"proxy-cache-min-uses" + "id":"proxy-cache-min-uses", + "default":"2" }, { "type":"text", "label":"Proxy cache key", "env":"PROXY_CACHE_KEY", "regex":"^([\\S ]*)$", - "id":"proxy-cache-key" + "id":"proxy-cache-key", + "default":"\\$scheme\\$host\\$request_uri" }, { "type":"text", "label":"Proxy cache valid", "env":"PROXY_CACHE_VALID", "regex":"^(\\d{3}=\\d+(ms|s|m|h|d|w|M|y) ?)+$", - "id":"proxy-cache-valid" + "id":"proxy-cache-valid", + "default":"200=10m 301=10m 302=1h" }, { "type":"text", "label":"Proxy no cache", "env":"PROXY_NO_CACHE", "regex":"^([\\S ]*)$", - "id":"proxy-no-cache" + "id":"proxy-no-cache", + "default":"\\$http_authorization" }, { "type":"text", "label":"Proxy cache bypass", "env":"PROXY_CACHE_BYPASS", "regex":"^([\\S ]*)$", - "id":"proxy-cache-bypass" + "id":"proxy-cache-bypass", + "default":"\\$http_authorization" } ] }, @@ -345,42 +389,48 @@ "label":"Auto lets encrypt", "env":"AUTO_LETS_ENCRYPT", "regex":"^(yes|no)$", - "id":"auto-lets-encrypt" + "id":"auto-lets-encrypt", + "default":"no" }, { "type":"text", "label":"Email lets encrypt", "env":"EMAIL_LETS_ENCRYPT", "regex":"^([a-z0-9\\-\\.]+@([a-z\\-0-9]+\\.?)|.{0})$", - "id":"email-lets-encrypt" + "id":"email-lets-encrypt", + "default":"" }, { "type":"checkbox", "label":"Redirect http to https", "env":"REDIRECT_HTTP_TO_HTTPS", "regex":"^(yes|no)$", - "id":"redirect-http-to-https" + "id":"redirect-http-to-https", + "default":"no" }, { "type":"checkbox", "label":"HTTP2", "env":"HTTP2", "regex":"^(yes|no)$", - "id":"http2" + "id":"http2", + "default":"yes" }, { "type":"text", "label":"HTTPS protocols", "env":"HTTPS_PROTOCOLS", "regex":"^([\\S ]*)$", - "id":"https-protocols" + "id":"https-protocols", + "default":"TLSv1.2 TLSv1.3" }, { "type":"checkbox", "label":"Listen http", "env":"LISTEN_HTTP", "regex":"^(yes|no)$", - "id":"listen-http" + "id":"listen-http", + "default":"yes" } ] }, @@ -392,14 +442,16 @@ "label":"Use modsecurity", "env":"USE_MODSECURITY", "regex":"^(yes|no)$", - "id":"use-modsecurity" + "id":"use-modsecurity", + "default":"yes" }, { "type":"checkbox", "label":"Use modsecurity crs", "env":"USE_MODSECURITY_CRS", "regex":"^(yes|no)$", - "id":"use-modsecurity-crs" + "id":"use-modsecurity-crs", + "default":"yes" } ] }, @@ -411,70 +463,80 @@ "label":"X frame options", "env":"X_FRAME_OPTIONS", "regex":"^([\\S ]*)$", - "id":"x-frame-options" + "id":"x-frame-options", + "default":"DENY" }, { "type":"text", "label":"X xss protection", "env":"X_XSS_PROTECTION", "regex":"^([\\S ]*)$", - "id":"x-xss-protection" + "id":"x-xss-protection", + "default":"1; mode=block" }, { "type":"text", "label":"X content type options", "env":"X_CONTENT_TYPE_OPTIONS", "regex":"^([\\S ]*)$", - "id":"x-content-type-options" + "id":"x-content-type-options", + "default":"nosniff" }, { "type":"text", "label":"Referrer policy", "env":"REFERRER_POLICY", "regex":"^([\\S ]*)$", - "id":"referrer-policy" + "id":"referrer-policy", + "default":"no-referrer" }, { "type":"text", "label":"Feature policy", "env":"FEATURE_POLICY", "regex":"^([\\S ]*)$", - "id":"feature-policy" + "id":"feature-policy", + "default":"accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vibrate 'none'; vr 'none'" }, { "type":"text", "label":"Permissions policy", "env":"PERMISSIONS_POLICY", "regex":"^([\\S ]*)$", - "id":"permissions-policy" + "id":"permissions-policy", + "default":"accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vibrate=(), vr=()" }, { "type":"text", "label":"Cookie flags", "env":"COOKIE_FLAGS", "regex":"^([\\S ]*)$", - "id":"cookie-flags" + "id":"cookie-flags", + "default":"* HttpOnly SameSite=Lax" }, { "type":"checkbox", "label":"Cookie auto secure flag", "env":"COOKIE_AUTO_SECURE_FLAG", "regex":"^(yes|no)$", - "id":"cookie-auto-secure-flag" + "id":"cookie-auto-secure-flag", + "default":"yes" }, { "type":"text", "label":"Strict transport security", "env":"STRICT_TRANSPORT_SECURITY", "regex":"^([\\S ]*)$", - "id":"strict-transport-security" + "id":"strict-transport-security", + "default":"max-age=31536000" }, { "type":"text", "label":"Content security policy", "env":"CONTENT_SECURITY_POLICY", "regex":"^([\\S ]*)$", - "id":"content-security-policy" + "id":"content-security-policy", + "default":"object-src 'none'; frame-ancestors 'self'; form-action 'self'; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self';" } ] }, @@ -486,28 +548,32 @@ "label":"Use antibot", "env":"USE_ANTIBOT", "regex":"^(no|cookie|javascript|captcha|recaptcha)$", - "id":"use-antibot" + "id":"use-antibot", + "default":"no" }, { "type":"text", "label":"Antibot uri", "env":"ANTIBOT_URI", "regex":"^/([A-Za-z0-9\\-]/?)*$", - "id":"antibot-uri" + "id":"antibot-uri", + "default":"/challenge" }, { "type":"text", "label":"Antibot session secret", "env":"ANTIBOT_SESSION_SECRET", "regex":"^([\\S]+)$", - "id":"antibot-session-secret" + "id":"antibot-session-secret", + "default":"random" }, { "type":"text", "label":"Antibot recaptcha score", "env":"ANTIBOT_RECAPTCHA_SCORE", "regex":"^0\\.\\d$", - "id":"antibot-recaptcha-score" + "id":"antibot-recaptcha-score", + "default":"0.7" } ] }, @@ -519,35 +585,40 @@ "label":"Block user agent", "env":"BLOCK_USER_AGENT", "regex":"^(yes|no)$", - "id":"block-user-agent" + "id":"block-user-agent", + "default":"yes" }, { "type":"checkbox", "label":"Block tor exit node", "env":"BLOCK_TOR_EXIT_NODE", "regex":"^(yes|no)$", - "id":"block-tor-exit-node" + "id":"block-tor-exit-node", + "default":"yes" }, { "type":"checkbox", "label":"Block proxies", "env":"BLOCK_PROXIES", "regex":"^(yes|no)$", - "id":"block-proxies" + "id":"block-proxies", + "default":"yes" }, { "type":"checkbox", "label":"Block abusers", "env":"BLOCK_ABUSERS", "regex":"^(yes|no)$", - "id":"block-abusers" + "id":"block-abusers", + "default":"yes" }, { "type":"checkbox", "label":"Block referrer", "env":"BLOCK_REFERRER", "regex":"^(yes|no)$", - "id":"block-referrer" + "id":"block-referrer", + "default":"yes" } ] }, @@ -559,7 +630,8 @@ "label":"Use dnsbl", "env":"USE_DNSBL", "regex":"^(yes|no)$", - "id":"use-dnsbl" + "id":"use-dnsbl", + "default":"yes" } ] }, @@ -571,7 +643,8 @@ "label":"Use crowdsec", "env":"USE_CROWDSEC", "regex":"^(yes|no)$", - "id":"use-crowdsec" + "id":"use-crowdsec", + "default":"no" } ] }, @@ -583,21 +656,24 @@ "label":"Use whitelist ip", "env":"USE_WHITELIST_IP", "regex":"^(yes|no)$", - "id":"use-whitelist-ip" + "id":"use-whitelist-ip", + "default":"yes" }, { "type":"checkbox", "label":"Use whitelist reverse", "env":"USE_WHITELIST_REVERSE", "regex":"^(yes|no)$", - "id":"use-whitelist-reverse" + "id":"use-whitelist-reverse", + "default":"yes" }, { "type":"text", "label":"Whitelist country", "env":"WHITELIST_COUNTRY", "regex":"^([A-Z]{2} ?)*$", - "id":"whitelist-country" + "id":"whitelist-country", + "default":"" } ] }, @@ -609,21 +685,24 @@ "label":"Use blacklist ip", "env":"USE_BLACKLIST_IP", "regex":"^(yes|no)$", - "id":"use-blacklist-ip" + "id":"use-blacklist-ip", + "default":"yes" }, { "type":"checkbox", "label":"Use blacklist reverse", "env":"USE_BLACKLIST_REVERSE", "regex":"^(yes|no)$", - "id":"use-blacklist-reverse" + "id":"use-blacklist-reverse", + "default":"yes" }, { "type":"text", "label":"Blacklist country", "env":"BLACKLIST_COUNTRY", "regex":"^([A-Z]{2} ?)*$", - "id":"blacklist-country" + "id":"blacklist-country", + "default":"" } ] }, @@ -635,21 +714,24 @@ "label":"Use limit req", "env":"USE_LIMIT_REQ", "regex":"^(yes|no)$", - "id":"use-limit-req" + "id":"use-limit-req", + "default":"yes" }, { "type":"text", "label":"Limit req rate", "env":"LIMIT_REQ_RATE", "regex":"^\\d+r/(ms|s|m|h|d)$", - "id":"limit-req-rate" + "id":"limit-req-rate", + "default":"20r/s" }, { "type":"text", "label":"Limit req burst", "env":"LIMIT_REQ_BURST", "regex":"^\\d+$", - "id":"limit-req-burst" + "id":"limit-req-burst", + "default":"40" } ] }, @@ -661,14 +743,16 @@ "label":"Remote php", "env":"REMOTE_PHP", "regex":"^([a-z\\-0-9]+\\.?)*$", - "id":"remote-php" + "id":"remote-php", + "default":"" }, { "type":"text", "label":"Remote php path", "env":"REMOTE_PHP_PATH", "regex":"^/([A-Za-z0-9\\-]/?)*$", - "id":"remote-php-path" + "id":"remote-php-path", + "default":"/app" } ] }, @@ -680,7 +764,8 @@ "label":"Use fail2ban", "env":"USE_FAIL2BAN", "regex":"^(yes|no)$", - "id":"use-fail2ban" + "id":"use-fail2ban", + "default":"yes" } ] }, @@ -692,7 +777,8 @@ "label":"Use clamav upload", "env":"USE_CLAMAV_UPLOAD", "regex":"^(yes|no)$", - "id":"use-clamav-upload" + "id":"use-clamav-upload", + "default":"yes" } ] } diff --git a/ui/templates/services-new.html b/ui/templates/services-new.html index 36f59cd..ea841a9 100644 --- a/ui/templates/services-new.html +++ b/ui/templates/services-new.html @@ -22,7 +22,7 @@ {% for k, v in config["CONFIG"].items() %}
{% for param in v["params"] %} - {{ form_service_gen("new", "", param["id"], param["label"], param["type"], "default", param["env"])|safe }} + {{ form_service_gen("new", "", param["id"], param["label"], param["type"], param["default"], param["env"])|safe }} {% endfor %}
{% if check.update({"class": ""}) %}