From d4f621aa1d4e2931f84041f1903e214b886dac99 Mon Sep 17 00:00:00 2001
From: Felipe Zipitria
Date: Fri, 18 Oct 2024 08:40:24 -0300
Subject: [PATCH 1/2] fix: unused variables

Signed-off-by: Felipe Zipitria
---
 caddy/Dockerfile | 13 +++++++------
 src/templates/coraza.conf | 8 --------
 2 files changed, 7 insertions(+), 14 deletions(-)

diff --git a/caddy/Dockerfile b/caddy/Dockerfile
index 0808e5a..3f815e3 100644
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@@ -142,19 +142,17 @@ USER "${CADDY_USER}:${CADDY_GROUP}"

 # Set env variables for config/data directories
 ENV \
- XDG_CONFIG_HOME="$CADDY_CONFIG_DIR" \
- XDG_DATA_HOME="$CADDY_DATA_DIR" \
 ACCESSLOG=/var/log/caddy/access.log \
 BACKEND=localhost:80 \
 CORAZA_ARGUMENTS_LIMIT=1000 \
 CORAZA_AUDIT_ENGINE="RelevantOnly" \
- CORAZA_AUDIT_LOG=/dev/stdout \
+ CORAZA_AUDIT_LOG='/dev/stdout' \
 CORAZA_AUDIT_LOG_FORMAT=JSON \
 CORAZA_AUDIT_LOG_PARTS='ABIJDEFHZ' \
 CORAZA_AUDIT_LOG_RELEVANT_STATUS="^(?:5|4[0-9][0-35-9])" \
- CORAZA_AUDIT_LOG_TYPE=Serial \
- CORAZA_AUDIT_STORAGE_DIR=/var/log/coraza/audit/ \
- CORAZA_DATA_DIR=/tmp/coraza/data \
+ CORAZA_AUDIT_LOG_TYPE='Serial' \
+ CORAZA_AUDIT_STORAGE_DIR='/var/log/coraza/audit/' \
+ CORAZA_DATA_DIR='/tmp/coraza/data' \
 CORAZA_DEBUG_LOG=/dev/null \
 CORAZA_DEBUG_LOGLEVEL=1 \
 CORAZA_DEFAULT_PHASE1_ACTION="phase:1,pass,log,tag:'\${CORAZA_TAG}'" \
@@ -174,7 +172,10 @@ ENV \
 CORAZA_TMP_SAVE_UPLOADED_FILES="on" \
 CORAZA_UPLOAD_DIR=/tmp/coraza/upload \
 CORAZA_UPLOAD_FILE_MODE=0600 \
+ CORAZA_UPLOAD_KEEP_FILES="Off" \
 PORT=8080 \
+ XDG_CONFIG_HOME="$CADDY_CONFIG_DIR" \
+ XDG_DATA_HOME="$CADDY_DATA_DIR" \
 # CRS specific variables
 PARANOIA=1 \
 ANOMALY_INBOUND=5 \
diff --git a/src/templates/coraza.conf b/src/templates/coraza.conf
index bf615a5..9d41643 100644
--- a/src/templates/coraza.conf
+++ b/src/templates/coraza.conf
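Review bot: Quoting in this ENV block ends up mixed three ways after the change. The four values touched here get single quotes (`CORAZA_AUDIT_LOG='/dev/stdout'`, `CORAZA_AUDIT_LOG_TYPE='Serial'`), the neighbouring `CORAZA_AUDIT_ENGINE="RelevantOnly"` uses double quotes, and `CORAZA_DEBUG_LOG=/dev/null` two lines below stays bare. None of the newly quoted values contains a space or a `$`, so the quotes do not change what is exported. I would settle on one convention for plain literals and keep single quotes only where expansion must be suppressed. The ENV instruction continues past the end of the hunk, so the remaining entries are not visible here.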
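Review bot: `CORAZA_TMP_SAVE_UPLOADED_FILES="on"` is still exported in the context line just above the new entry, yet this same patch deletes the only template line that mentioned it (`# SecTmpSaveUploadedFiles ${CORAZA_TMP_SAVE_UPLOADED_FILES}` in coraza.conf). Unless something outside the visible hunks reads it, it is now exactly the kind of unused variable the commit sets out to remove, and it suggests upload buffering is configurable when the template no longer passes it on. Adding `CORAZA_UPLOAD_KEEP_FILES="Off"` does give `SecUploadKeepFiles ${CORAZA_UPLOAD_KEEP_FILES}` a defined value, but its casing differs from the lowercase `"on"` beside it, so one spelling for on/off switches would help. A short comment such as `# keep "Off": intercepted uploads under CORAZA_UPLOAD_DIR are removed after the transaction` would record why the default matters. The ENV instruction starts before and runs past this hunk.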
@@ -6,8 +6,6 @@ SecRequestBodyNoFilesLimit ${CORAZA_REQ_BODY_NOFILES_LIMIT}
 SecRequestBodyLimitAction ${CORAZA_REQ_BODY_LIMIT_ACTION}
 # SecRequestBodyJsonDepthLimit ${CORAZA_REQ_BODY_JSON_DEPTH_LIMIT}
 # SecArgumentsLimit ${CORAZA_ARGUMENTS_LIMIT}
-SecPcreMatchLimit ${CORAZA_PCRE_MATCH_LIMIT}
-SecPcreMatchLimitRecursion ${CORAZA_PCRE_MATCH_LIMIT_RECURSION}
 SecResponseBodyAccess ${CORAZA_RESP_BODY_ACCESS}
 SecResponseBodyMimeType ${CORAZA_RESP_BODY_MIMETYPE}
 SecResponseBodyLimit ${CORAZA_RESP_BODY_LIMIT}
@@ -19,18 +17,12 @@ SecAuditLogRelevantStatus "${CORAZA_AUDIT_LOG_RELEVANT_STATUS}"
 SecAuditLogParts ${CORAZA_AUDIT_LOG_PARTS}
 SecAuditLogType ${CORAZA_AUDIT_LOG_TYPE}
 SecAuditLog ${CORAZA_AUDIT_LOG}
-SecArgumentSeparator ${CORAZA_ARGUMENT_SEPARATOR}
-SecCookieFormat ${CORAZA_COOKIE_FORMAT}
-# SecUnicodeMapFile unicode.mapping ${CORAZA_UNICODE_MAPPING}
-# SecStatusEngine ${CORAZA_STATUS_ENGINE}

 # Additional directives
 SecAuditLogFormat ${CORAZA_AUDIT_LOG_FORMAT}
 SecAuditLogStorageDir ${CORAZA_AUDIT_STORAGE_DIR}
 SecDebugLog ${CORAZA_DEBUG_LOG}
 SecDebugLogLevel ${CORAZA_DEBUG_LOGLEVEL}
-# SecDisableBackendCompression ${CORAZA_DISABLE_BACKEND_COMPRESSION}
-# SecTmpSaveUploadedFiles ${CORAZA_TMP_SAVE_UPLOADED_FILES}
 SecUploadDir ${CORAZA_UPLOAD_DIR}
 SecUploadFileMode ${CORAZA_UPLOAD_FILE_MODE}
 SecUploadKeepFiles ${CORAZA_UPLOAD_KEEP_FILES}
From 2910f322054c673e37ee91fe2893ade1a711d1da Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Felipe=20Zipitr=C3=ADa?= <3012076+fzipi@users.noreply.github.com>
Date: Fri, 18 Oct 2024 08:44:34 -0300
Subject: [PATCH 2/2] Apply suggestions from code review
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: José Carlos Chávez
---
 caddy/Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/caddy/Dockerfile b/caddy/Dockerfile
index 3f815e3..1f7797f 100644
--- a/caddy/Dockerfile
+++ b/caddy/Dockerfile
@@ -174,8 +174,8 @@ ENV \
 CORAZA_UPLOAD_FILE_MODE=0600 \
 CORAZA_UPLOAD_KEEP_FILES="Off" \
 PORT=8080 \
- XDG_CONFIG_HOME="$CADDY_CONFIG_DIR" \
- XDG_DATA_HOME="$CADDY_DATA_DIR" \
+ XDG_CONFIG_HOME="${CADDY_CONFIG_DIR}" \
+ XDG_DATA_HOME="${CADDY_DATA_DIR}" \
 # CRS specific variables
 PARANOIA=1 \
 ANOMALY_INBOUND=5 \