parent
842d0d9ed7
commit
8b37c4d5c4
@ -0,0 +1,42 @@ |
||||
{ lib, stdenv, fetchFromGitHub }: |
||||
|
||||
stdenv.mkDerivation rec { |
||||
version = "3.3.2"; |
||||
pname = "modsecurity-crs"; |
||||
|
||||
src = fetchFromGitHub { |
||||
owner = "coreruleset"; |
||||
repo = "coreruleset"; |
||||
rev = "v${version}"; |
||||
sha256 = "sha256-m/iVLhk2y5BpYu8EwC2adrrDnbaVCQ0SE25ltvMokCw="; |
||||
}; |
||||
|
||||
installPhase = '' |
||||
install -D -m444 -t $out/rules ${src}/rules/*.conf |
||||
install -D -m444 -t $out/rules ${src}/rules/*.data |
||||
install -D -m444 -t $out/share/doc/modsecurity-crs ${src}/*.md |
||||
install -D -m444 -t $out/share/doc/modsecurity-crs ${src}/{CHANGES,INSTALL,LICENSE} |
||||
install -D -m444 -t $out/share/modsecurity-crs ${src}/rules/*.example |
||||
install -D -m444 -t $out/share/modsecurity-crs ${src}/crs-setup.conf.example |
||||
cat > $out/share/modsecurity-crs/modsecurity-crs.load.example <<EOF |
||||
## |
||||
## This is a sample file for loading OWASP CRS's rules. |
||||
## |
||||
Include /etc/modsecurity/crs/crs-setup.conf |
||||
IncludeOptional /etc/modsecurity/crs/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf |
||||
Include $out/rules/*.conf |
||||
IncludeOptional /etc/modsecurity/crs/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf |
||||
EOF |
||||
''; |
||||
|
||||
meta = with lib; { |
||||
homepage = "https://coreruleset.org"; |
||||
description = '' |
||||
The OWASP ModSecurity Core Rule Set is a set of generic attack detection |
||||
rules for use with ModSecurity or compatible web application firewalls. |
||||
''; |
||||
license = licenses.asl20; |
||||
platforms = platforms.all; |
||||
maintainers = with maintainers; [ izorkin ]; |
||||
}; |
||||
} |
Loading…
Reference in new issue