mirror of
https://github.com/stefanpejcic/openpanel
synced 2025-06-26 18:28:26 +00:00
Update install.sh
This commit is contained in:
parent
0afd4f8343
commit
a113e31c24
18
install.sh
18
install.sh
@ -34,7 +34,7 @@ LOCALES=true # only en
|
|||||||
NO_SSH=false # deny port 22
|
NO_SSH=false # deny port 22
|
||||||
SET_HOSTNAME_NOW=false # must be a FQDN
|
SET_HOSTNAME_NOW=false # must be a FQDN
|
||||||
SETUP_SWAP_ANYWAY=false
|
SETUP_SWAP_ANYWAY=false
|
||||||
MODSEC=true # install modsecurity, unless user provices --no-modsecurity flag
|
CORAZA=true # install CorazaWAF, unless user provices --no-waf flag
|
||||||
SWAP_FILE="1" # calculated based on ram
|
SWAP_FILE="1" # calculated based on ram
|
||||||
SEND_EMAIL_AFTER_INSTALL=false
|
SEND_EMAIL_AFTER_INSTALL=false
|
||||||
SET_PREMIUM=false # added in 0.2.1
|
SET_PREMIUM=false # added in 0.2.1
|
||||||
@ -290,7 +290,7 @@ panel_customize # customizations
|
|||||||
docker_compose_up # must be after configure_nginx
|
docker_compose_up # must be after configure_nginx
|
||||||
docker_cpu_limiting # https://docs.docker.com/engine/security/rootless/#limiting-resources
|
docker_cpu_limiting # https://docs.docker.com/engine/security/rootless/#limiting-resources
|
||||||
set_premium_features # must be after docker_compose_up
|
set_premium_features # must be after docker_compose_up
|
||||||
configure_modsecurity # download modsec coreruleset or change docker image
|
configure_coraza # download corazawaf coreruleset or change docker image
|
||||||
set_custom_hostname # set hostname if provided
|
set_custom_hostname # set hostname if provided
|
||||||
generate_and_set_ssl_for_panels # if FQDN then lets setup https
|
generate_and_set_ssl_for_panels # if FQDN then lets setup https
|
||||||
setup_firewall_service # setup firewall
|
setup_firewall_service # setup firewall
|
||||||
@ -374,7 +374,7 @@ parse_args() {
|
|||||||
echo " --csf Install and setup ConfigServer Firewall (default from >0.2.3)"
|
echo " --csf Install and setup ConfigServer Firewall (default from >0.2.3)"
|
||||||
echo " --ufw Install and setup Uncomplicated Firewall (was default in <0.2.3)"
|
echo " --ufw Install and setup Uncomplicated Firewall (was default in <0.2.3)"
|
||||||
echo " --skip-ssl Skip SSL setup."
|
echo " --skip-ssl Skip SSL setup."
|
||||||
echo " --no-modsecurity Do not configure ModSecurity with OWASP Coreruleset."
|
echo " --no-waf Do not configure CorazaWAF with OWASP Coreruleset."
|
||||||
echo " --no-ssh Disable port 22 and whitelist the IP address of user installing the panel."
|
echo " --no-ssh Disable port 22 and whitelist the IP address of user installing the panel."
|
||||||
echo " --post_install=<path> Specify the post install script path."
|
echo " --post_install=<path> Specify the post install script path."
|
||||||
echo " --screenshots=<url> Set the screenshots API URL."
|
echo " --screenshots=<url> Set the screenshots API URL."
|
||||||
@ -438,8 +438,8 @@ while [[ $# -gt 0 ]]; do
|
|||||||
--skip-ssl)
|
--skip-ssl)
|
||||||
SKIP_SSL=true
|
SKIP_SSL=true
|
||||||
;;
|
;;
|
||||||
--no-modsecurity)
|
--no-waf)
|
||||||
MODSEC=false
|
CORAZA=false
|
||||||
;;
|
;;
|
||||||
--debug)
|
--debug)
|
||||||
DEBUG=true
|
DEBUG=true
|
||||||
@ -1568,15 +1568,15 @@ fi
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
configure_modsecurity() {
|
configure_coraza() {
|
||||||
|
|
||||||
if [ "$MODSEC" = true ]; then
|
if [ "$CORAZA" = true ]; then
|
||||||
echo "Installing ModSecurity and setting OWASP core ruleset.."
|
echo "Installing CorazaWAF and setting OWASP core ruleset.."
|
||||||
debug_log mkdir -p /etc/openpanel/caddy/
|
debug_log mkdir -p /etc/openpanel/caddy/
|
||||||
debug_log wget https://raw.githubusercontent.com/corazawaf/coraza/v3/dev/coraza.conf-recommended -O /etc/openpanel/caddy/coraza_rules.conf
|
debug_log wget https://raw.githubusercontent.com/corazawaf/coraza/v3/dev/coraza.conf-recommended -O /etc/openpanel/caddy/coraza_rules.conf
|
||||||
debug_log git clone https://github.com/coreruleset/coreruleset /etc/openpanel/caddy/coreruleset/
|
debug_log git clone https://github.com/coreruleset/coreruleset /etc/openpanel/caddy/coreruleset/
|
||||||
else
|
else
|
||||||
echo "Disabling ModSecurity: setting caddy:latest docker image instead of openpanel/caddy-coraza"
|
echo "Disabling CorazaWAF: setting caddy:latest docker image instead of openpanel/caddy-coraza"
|
||||||
sed -i 's|image: .*caddy.*|image: caddy:latest|' /root/docker-compose.yml
|
sed -i 's|image: .*caddy.*|image: caddy:latest|' /root/docker-compose.yml
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user