-
Notifications
You must be signed in to change notification settings - Fork 282
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Build and release binaries on GitHub #171
Comments
Hi @soufianebenali , The packages for ModSecurity are distribution (and platform) dependent, we trust the distributions to keep the packages up to date. Maybe, it is the case to install the distribution package in the docker image. |
Hi @zimmerle, Thank you for clarifying. Can you please link to the packages for debian and alpine? |
debian - I am not sure where is the correct source for the Alpine Linux, the best place to ask is in the Alpine community itself. |
Could you suggest how to integrate the pre-built packages (on Debian for now) with Nginx? As of coreruleset/modsecurity-docker#33, we're starting with ModSecurity v2 + Nginx. As this is not (yet) available as a Debian package we try to build it (and are facing an "undefined symbol" error). Any hint on how to fix this would be appreciated! 🙏 Having binaries to simply install would be even better. We're looking forward to it---and are ready to get our hands dirty. MotivationIn the long run, we want to make sure pre-built packages of ModSecurity v2 and v3 are available for Debian and Alpine, so we can
without having to build binaries on the fly. This is to
Any help on coreruleset/modsecurity-docker#33 is highly appreciated! |
Hi @bittner, I understand the importance of binary packages. But, the package generation is really up to the distribution and its policy. Something that you can do, however, is to generate a package and put it in a privative repository. During the docker bootstrap, you could add your repo and later install ModSecurity from it. |
Okay, fine. A technical question: Is it possible with ModSecurity v2 to create a dynamic module for use with Nginx? (see coreruleset/modsecurity-docker#33) |
@bittner it is not a good idea to use v2 with nginx at all. There are several issues within v2 + nignx. Please use v3 instead. |
Which type of issues? Can you explain this a bit more in detail? Would you mind commenting on coreruleset/modsecurity-docker#33 directly? I'd like the entire community to know. |
Hi @bittner, All the issues regarding ModSecurity are registered here on GitHub, as an example of some issues that v3 came to fix you can check at the label - TBF by libmosecurity Hope I have answered your question. |
We are refactoring the modsecurity-docker repository. Doing this, we saw that the ModSecurity-nginx binary and its dependencies are built in the Dockerfile from source.
The installation process is rather complex and the result is risky ("unknown" if you prefer) as it's an untested setup. We would prefer to have this simpler and install an installation package for a target platform, for some obvious reasons:
Are you planning on releasing ModSecurity-nginx packages here on GitHub? Is there anything that we can help you with getting that realized?
The text was updated successfully, but these errors were encountered: