feat: override full modsecurity.conf file

fzipi commented 2 months ago

move all variables from modsecurity-override.conf to modsecurity.conf
add extra variables to configure modsecurity.conf params
update README with new variables
use only curl and remove wget usage (consistency)

Fixes #234

fzipi commented 2 months ago

No comments from @dune73 or @airween. Will merge by EOD.

ruipin commented 2 months ago

Thanks for your work! Unfortunately, this pull request broke my setup using nginx-alpine.

To fix it I had to force the following values inside my docker compose:

MODSEC_AUDIT_STORAGE_DIR: /var/log/modsecurity/audit/
MODSEC_DISABLE_BACKEND_COMPRESSION: 'Off'
MODSEC_UPLOAD_KEEP_FILES: 'Off'

The first one seems due to a typo - MODSEC_AUDIT_STORAGE_DIR is used by the new file, but the environment variable that is used for the default value is MODSEC_AUDIT_STORAGE.

The second one doesn't seem to have a default value.

The third one would complain that RelevantOnly was not a valid value, and it needed On or Off.

I've created https://github.com/coreruleset/modsecurity-crs-docker/issues/243

coreruleset / modsecurity-crs-docker

feat: override full modsecurity.conf file #239