From bb1b6eb36d896fec3b124de5fc9846a1dcc29111 Mon Sep 17 00:00:00 2001
From: arpage
Date: Thu, 31 Oct 2024 11:23:59 -0400
Subject: [PATCH] USAGOV-2043-egress-build-cleanup: Clear deprecated/unused build elements
---
 .docker/Dockerfile-egress | 26 --------
 docker-compose.yml | 123 --------------------------------------
 2 files changed, 149 deletions(-)
 delete mode 100644 .docker/Dockerfile-egress
diff --git a/.docker/Dockerfile-egress b/.docker/Dockerfile-egress
deleted file mode 100644
index 0e647574ac..0000000000
--- a/.docker/Dockerfile-egress
+++ /dev/null
@@ -1,26 +0,0 @@
-# See "Adding custom Caddy modules" here:
-# https://hub.docker.com/_/caddy
-
-FROM caddy:2.7-builder AS builder
-
-ARG GOARCH=amd64
-RUN xcaddy build \
- --with github.com/caddyserver/forwardproxy@caddy2
-
-FROM caddy:2.7-alpine
-
-RUN apk update
-RUN apk upgrade
-# Unclear whether we actually need this...
-RUN apk add nss-tools
-
-COPY --from=builder /usr/bin/caddy /usr/bin/caddy
-COPY Caddyfile /etc/caddy/Caddyfile
-COPY .profile /srv/.profile
-
-# This shouldn't be necessary once we have docker-compose properly calling our
-# .profile on startup; we do this here so that caddy will start up with our
-# Caddyfile, which refers to them.
-RUN touch /srv/allow.acl /srv/deny.acl
-
-EXPOSE 8080
diff --git a/docker-compose.yml b/docker-compose.yml
index 433844c7af..c213edbda2 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -190,126 +190,3 @@ volumes:
 networks:
 gsa-gov:
-
-# egress:
-# build:
-# context: .docker/src-egress
-# dockerfile: .docker/Dockerfile-egress
-# restart: unless-stopped
-# ports:
-# - "8080:8080"
-# volumes:
-# - .docker/src-egress:/etc/caddy
-# environment:
-# # Solution to get Alpine to run the .profile comes from
-# # https://stackoverflow.com/a/43743532/17138235
-# - ENV=/srv/.profile
-# - https_proxy=https://localhost:8080
-# # Provide the CF env fixtures... more are needed!
-# - PORT=8080
-# # The variables that matter to the app
-# - PROXY_USERNAME=user
-# - PROXY_PASSWORD=pass
-# - PROXY_DENY="*.yahoo.com"
-# - PROXY_ALLOW= |
-# "*.google.com
-
- # waf:
- # container_name: waf
- # image: gsatts/usagov-2021:waf-latest
- # build:
- # context: .docker/
- # dockerfile: Dockerfile-waf
- # ports:
- # - 80:80
- # - 443:443
- # networks:
- # gsa-gov:
- # aliases:
- # - beta-local.usa.gov
- # - cms-local.usa.gov
- # volumes:
- # - .docker/src-waf/etc/nginx/nginx.conf.tmpl:/etc/nginx/nginx.conf.tmpl:delegated
- # - .docker/src-waf/etc/nginx/conf.d:/etc/nginx/conf.d:delegated
- # - .docker/src-waf/etc/nginx/snippets:/etc/nginx/snippets:delegated
- # environment:
- # - SERVERNAME=localhost
- # - PORT=443
- # - APP_NAME=USAGov
- # - BLOCKED_NAME=USAGov
- # - PARANOIA=1
- # - ANOMALY_INBOUND=5
-
-
- # waf:
- # container_name: waf
- # image: gsatts/usagov-2021:waf-latest
- # build:
- # context: .docker/
- # dockerfile: Dockerfile-waf
- # ports:
- # - 8080:80
- # depends_on:
- # - minio
- # networks:
- # - gsa-gov
- # environment:
- # - SERVERNAME=localhost
- # - PORT=443
- # - APP_NAME=USAGov
- # - BLOCKED_NAME=USAGov
- # # - IP_ALLOWED=50.81.160.164 100.36.151.190 52.222.122.97/32 52.222.123.172/32 159.142.0.0/16
- # #############################################
- # # CRS Variables
- # #############################################
- # # Paranoia Level
- # - PARANOIA=1
- # # Inbound and Outbound Anomaly Score Threshold
- # - ANOMALY_INBOUND=5
- # - ANOMALY_OUTBOUND=4
- # # Executing Paranoia Level
- # # - EXECUTING_PARANOIA=2
- # #######################################################
- # # Reverse Proxy mode
- # # (only available if SETPROXY was enabled during the
- # # parent ModSecurity image)
- # #######################################################
- # # PROXYLOCATION: Application Backend of Reverse Proxy
- # # - PROXYLOCATION=http://app:8000/
- # #
- # # If needed: add own httpd-proxy.conf (only available if SETPROXY
- # # was enabled during build of parent ModSecurity image)
- # # - ./httpd-proxy.conf:/usr/local/apache2/conf/extra/httpd-proxy.conf
- # #######################################################
- # # Various CRS Variables with Default Values
- # #######################################################
- # #- ENFORCE_BODYPROC_URLENCODED=1
- # #- ALLOWED_METHODS=GET HEAD POST OPTIONS
- # #- ALLOWED_REQUEST_CONTENT_TYPE=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/soap+xml|application/x-amf|application/json|application/octet-stream|text/plain
- # #- ALLOWED_REQUEST_CONTENT_TYPE_CHARSET=utf-8|iso-8859-1|iso-8859-15|windows-1252
- # #- ALLOWED_HTTP_VERSIONS=HTTP/1.0 HTTP/1.1 HTTP/2 HTTP/2.0
- # #- RESTRICTED_EXTENSIONS=.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/
- # #- RESTRICTED_HEADERS=/proxy/ /lock-token/ /content-range/ /if/
- # #- STATIC_EXTENSIONS=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/ /.svg/ /.webp/
- # #######################################################
- # # CRS Variables with Default Value unlimited
- # #######################################################
- # #- MAX_NUM_ARGS=255
- # #- ARG_NAME_LENGTH=100
- # #- ARG_LENGTH=400
- # #- TOTAL_ARG_LENGTH=64000
- # #- MAX_FILE_SIZE=1048576
- # #- COMBINED_FILE_SIZES=1048576
- # #######################################################
- # # Volumes for ModSecurity Tuning
- # #######################################################
- # # volumes:
- # # - ./src-waf/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
- # # - ./src-waf/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
- # #######################################################
- # # Add TLS server certificate and key
- # # (only available if SETPROXY was enabled during the
- # # parent ModSecurity image)
- # #######################################################
- # # - ./server.crt:/usr/local/apache2/conf/server.crt
- # # - ./server.key:/usr/local/apache2/conf/server.key