passbolt example
This commit is contained in:
bunkerity
parent
3ec81cd849
commit
e1274a6082
42
examples/passbolt/docker-compose.yml
Normal file
42
examples/passbolt/docker-compose.yml
Normal file
@ -0,0 +1,42 @@
|
|||||||
|
version: '3'
|
||||||
|
|
||||||
|
services:
|
||||||
|
|
||||||
|
mywww:
|
||||||
|
image: bunkerity/bunkerized-nginx
|
||||||
|
restart: always
|
||||||
|
ports:
|
||||||
|
- 80:8080
|
||||||
|
- 443:8443
|
||||||
|
volumes:
|
||||||
|
- ./letsencrypt:/etc/letsencrypt
|
||||||
|
- ./server-confs:/server-confs # custom confs to reverse proxy to passbolt
|
||||||
|
- ./modsec-crs-confs:/modsec-crs-confs # disable some false positive
|
||||||
|
- ./modsec-confs:/modsec-confs # disable some false positive
|
||||||
|
environment:
|
||||||
|
- SERVER_NAME=www.website.com # replace with your domain
|
||||||
|
- AUTO_LETS_ENCRYPT=yes
|
||||||
|
- REDIRECT_HTTP_TO_HTTPS=yes
|
||||||
|
- DISABLE_DEFAULT_SERVER=yes
|
||||||
|
- ALLOWED_METHODS=GET|POST|HEAD|PUT|DELETE
|
||||||
|
|
||||||
|
mypassbolt:
|
||||||
|
image: passbolt/passbolt
|
||||||
|
restart: always
|
||||||
|
environment:
|
||||||
|
- DATASOURCES_DEFAULT_HOST=mydb
|
||||||
|
- DATASOURCES_DEFAULT_PASSWORD=db-user-pwd # replace with a stronger password (must match MYSQL_PASSWORD)
|
||||||
|
- DATASOURCES_DEFAULT_USERNAME=user
|
||||||
|
- DATASOURCES_DEFAULT_DATABASE=passbolt
|
||||||
|
- APP_FULL_BASE_URL=https://www.website.com # replace with your URL
|
||||||
|
|
||||||
|
mydb:
|
||||||
|
image: mariadb
|
||||||
|
restart: always
|
||||||
|
volumes:
|
||||||
|
- ./db-data:/var/lib/mysql
|
||||||
|
environment:
|
||||||
|
- MYSQL_ROOT_PASSWORD=db-root-pwd # replace with a stronger password
|
||||||
|
- MYSQL_DATABASE=passbolt
|
||||||
|
- MYSQL_USER=user
|
||||||
|
- MYSQL_PASSWORD=db-user-pwd # replace with a stronger password (must match DATASOURCES_DEFAULT_PASSWORD)
|
||||||
2
examples/passbolt/modsec-confs/passbolt.conf
Normal file
2
examples/passbolt/modsec-confs/passbolt.conf
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
SecRuleRemoveById 942100
|
||||||
|
SecRuleRemoveById 930120
|
||||||
7
examples/passbolt/modsec-crs-confs/passbolt.conf
Normal file
7
examples/passbolt/modsec-crs-confs/passbolt.conf
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
SecAction \
|
||||||
|
"id:900200,\
|
||||||
|
phase:1,\
|
||||||
|
nolog,\
|
||||||
|
pass,\
|
||||||
|
t:none,\
|
||||||
|
setvar:'tx.allowed_methods=GET HEAD POST PUT DELETE'"
|
||||||
9
examples/passbolt/server-confs/reverse-proxy.conf
Normal file
9
examples/passbolt/server-confs/reverse-proxy.conf
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
proxy_set_header Host $host;
|
||||||
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
if ($host = www.website.com) {
|
||||||
|
proxy_pass https://mypassbolt:443$request_uri;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
Loading…
x
Reference in New Issue
Block a user