Add full caddy installation (Coraza WAF + Crowdsec)

- Remove the security issue caused by exposing ports in a Docker container: use
the intranet instead
- Modify install_caddy to use new template
2025-01-26 01:35:59 -03:00
parent f352126e56
commit 3d9bdc04b2
9 changed files with 149 additions and 10 deletions


@@ -0,0 +1,23 @@
# Build stage with xcaddy
FROM caddy:builder AS builder
# Install xcaddy and build Caddy with plugins
RUN xcaddy build \
--with github.com/corazawaf/coraza-caddy \
--with github.com/hslatman/caddy-crowdsec-bouncer/http
# Stage to download OWASP CRS
FROM alpine:latest AS crs
RUN apk add --no-cache git && \
git clone --depth 1 --branch v4.0.0 \
https://github.com/coreruleset/coreruleset.git /coreruleset && \
mv /coreruleset/crs-setup.conf.example /coreruleset/crs-setup.conf
# Final stage
FROM caddy:latest
# Copy custom Caddy binary
COPY --from=builder /usr/bin/caddy /usr/bin/caddy
# Copy OWASP CRS from the crs stage
COPY --from=crs /coreruleset /etc/caddy/coreruleset
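Review bot: All three `FROM` lines use floating tags (`caddy:builder`, `alpine:latest`, `caddy:latest`) and both `--with` plugins are unversioned, so every rebuild of this WAF image can silently pull different base images and plugin code, and the builder and runtime Caddy versions can drift apart. Pin both Caddy images to the same release, e.g. `FROM caddy:<version>-builder AS builder` and `FROM caddy:<version>`, ideally with `@sha256:<digest>`, and pin each plugin as `--with <module>@<version>`. The Coraza plugin's current major line appears to be published under the `/v2` module path, so the unsuffixed path here likely resolves to an older v1 release; confirm this against the plugin's README. The CRS clone is fixed to the `v4.0.0` tag, but a tag is mutable and is not verified here, so checking out a known commit hash after the clone would be stronger. The hunk header counts 23 lines while 18 are shown, presumably because blank lines were lost in rendering, so this review covers only the visible lines.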