From a572639f05ebb8d88cb8fe283785edd25aa1c49d Mon Sep 17 00:00:00 2001
From: Patryk Niedźwiedziński <pniedzwiedzinski19@gmail.com>
Date: Sun, 21 Mar 2021 11:04:53 +0100
Subject: Add modsecurity

---
 machines/srv1/coreruleset.nix | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 machines/srv1/coreruleset.nix

(limited to 'machines/srv1/coreruleset.nix')

diff --git a/machines/srv1/coreruleset.nix b/machines/srv1/coreruleset.nix
new file mode 100644
index 0000000..c52c898
--- /dev/null
+++ b/machines/srv1/coreruleset.nix
@@ -0,0 +1,21 @@
+{ stdenv, fetchFromGitHub }:
+stdenv.mkDerivation {
+  pname = "coreruleset";
+  version = "3.3.0";
+
+  src = fetchFromGitHub {
+    owner = "coreruleset";
+    repo = "coreruleset";
+    rev = "v3.3.0";
+    sha256 = "sha256:10z1051iwna5x8b8cl29frs5nx3s6ip7hc4mjkgh7vkck8ly4pjm";
+  };
+
+  installPhase = ''
+    mkdir $out
+    cp crs-setup.conf.example $out/crs-setup.conf
+    cp -r rules $out
+    for f in rules/*.conf; do
+      echo "Include \"$out/$f\"" >> $out/all-rules.conf
+    done
+  '';
+}
-- 
cgit 1.4.1