usagov · akf · Nov 7, 2024 · Oct 31, 2024 · Nov 7, 2024
diff --git a/.docker/Dockerfile-egress b/.docker/Dockerfile-egress
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -190,126 +190,3 @@ volumes:
 
 networks:
   gsa-gov:
-
-# egress:
-#     build:
-#       context: .docker/src-egress
-#       dockerfile: .docker/Dockerfile-egress
-#     restart: unless-stopped
-#     ports:
-#       - "8080:8080"
-#     volumes:
-#       - .docker/src-egress:/etc/caddy
-#     environment:
-#       # Solution to get Alpine to run the .profile comes from
-#       # https://stackoverflow.com/a/43743532/17138235
-#       - ENV=/srv/.profile
-#       - https_proxy=https://localhost:8080
-#       # Provide the CF env fixtures... more are needed!
-#       - PORT=8080
-#       # The variables that matter to the app
-#       - PROXY_USERNAME=user
-#       - PROXY_PASSWORD=pass
-#       - PROXY_DENY="*.yahoo.com"
-#       - PROXY_ALLOW= |
-#         "*.google.com
-
-  # waf:
-  #   container_name: waf
-  #   image: gsatts/usagov-2021:waf-latest
-  #   build:
-  #     context: .docker/
-  #     dockerfile: Dockerfile-waf
-  #   ports:
-  #     - 80:80
-  #     - 443:443
-  #   networks:
-  #     gsa-gov:
-  #       aliases:
-  #         - beta-local.usa.gov
-  #         - cms-local.usa.gov
-  #   volumes:
-  #     - .docker/src-waf/etc/nginx/nginx.conf.tmpl:/etc/nginx/nginx.conf.tmpl:delegated
-  #     - .docker/src-waf/etc/nginx/conf.d:/etc/nginx/conf.d:delegated
-  #     - .docker/src-waf/etc/nginx/snippets:/etc/nginx/snippets:delegated
-  #   environment:
-  #      - SERVERNAME=localhost
-  #      - PORT=443
-  #      - APP_NAME=USAGov
-  #      - BLOCKED_NAME=USAGov
-  #      - PARANOIA=1
-  #      - ANOMALY_INBOUND=5
-
-
-  # waf:
-  #   container_name: waf
-  #   image: gsatts/usagov-2021:waf-latest
-  #   build:
-  #     context: .docker/
-  #     dockerfile: Dockerfile-waf
-  #   ports:
-  #     - 8080:80
-  #   depends_on:
-  #     - minio
-  #   networks:
-  #     - gsa-gov
-  #   environment:
-  #     - SERVERNAME=localhost
-  #     - PORT=443
-  #     - APP_NAME=USAGov
-  #     - BLOCKED_NAME=USAGov
-  #     # - IP_ALLOWED=50.81.160.164 100.36.151.190 52.222.122.97/32 52.222.123.172/32 159.142.0.0/16
-  #     #############################################
-  #     # CRS Variables
-  #     #############################################
-  #     # Paranoia Level
-  #     - PARANOIA=1
-  #     # Inbound and Outbound Anomaly Score Threshold
-  #     - ANOMALY_INBOUND=5
-  #     - ANOMALY_OUTBOUND=4
-  #     # Executing Paranoia Level
-  #     # - EXECUTING_PARANOIA=2
-  #     #######################################################
-  #     # Reverse Proxy mode
-  #     # (only available if SETPROXY was enabled during the
-  #     # parent ModSecurity image)
-  #     #######################################################
-  #     # PROXYLOCATION: Application Backend of Reverse Proxy
-  #     # - PROXYLOCATION=http://app:8000/
-  #     #
-  #     # If needed: add own httpd-proxy.conf (only available if SETPROXY
-  #     # was enabled during build of parent ModSecurity image)
-  #     #  - ./httpd-proxy.conf:/usr/local/apache2/conf/extra/httpd-proxy.conf
-  #     #######################################################
-  #     # Various CRS Variables with Default Values
-  #     #######################################################
-  #     #- ENFORCE_BODYPROC_URLENCODED=1
-  #     #- ALLOWED_METHODS=GET HEAD POST OPTIONS
-  #     #- ALLOWED_REQUEST_CONTENT_TYPE=application/x-www-form-urlencoded|multipart/form-data|text/xml|application/xml|application/soap+xml|application/x-amf|application/json|application/octet-stream|text/plain
-  #     #- ALLOWED_REQUEST_CONTENT_TYPE_CHARSET=utf-8|iso-8859-1|iso-8859-15|windows-1252
-  #     #- ALLOWED_HTTP_VERSIONS=HTTP/1.0 HTTP/1.1 HTTP/2 HTTP/2.0
-  #     #- RESTRICTED_EXTENSIONS=.asa/ .asax/ .ascx/ .axd/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .config/ .conf/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dll/ .dos/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .ini/ .key/ .licx/ .lnk/ .log/ .mdb/ .old/ .pass/ .pdb/ .pol/ .printer/ .pwd/ .resources/ .resx/ .sql/ .sys/ .vb/ .vbs/ .vbproj/ .vsdisco/ .webinfo/ .xsd/ .xsx/
-  #     #- RESTRICTED_HEADERS=/proxy/ /lock-token/ /content-range/ /if/
-  #     #- STATIC_EXTENSIONS=/.jpg/ /.jpeg/ /.png/ /.gif/ /.js/ /.css/ /.ico/ /.svg/ /.webp/
-  #     #######################################################
-  #     # CRS Variables with Default Value unlimited
-  #     #######################################################
-  #     #- MAX_NUM_ARGS=255
-  #     #- ARG_NAME_LENGTH=100
-  #     #- ARG_LENGTH=400
-  #     #- TOTAL_ARG_LENGTH=64000
-  #     #- MAX_FILE_SIZE=1048576
-  #     #- COMBINED_FILE_SIZES=1048576
-  #     #######################################################
-  #     # Volumes for ModSecurity Tuning
-  #     #######################################################
-  #     # volumes:
-  #     #   - ./src-waf/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
-  #     #   - ./src-waf/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
-  #     #######################################################
-  #     # Add TLS server certificate and key
-  #     # (only available if SETPROXY was enabled during the
-  #     # parent ModSecurity image)
-  #     #######################################################
-  #     #  - ./server.crt:/usr/local/apache2/conf/server.crt
-  #     #  - ./server.key:/usr/local/apache2/conf/server.key