added a WAFHEAD main

author: terminaldweller <devi@terminaldweller.com> 2025-08-08 03:49:35 +0000
committer: terminaldweller <devi@terminaldweller.com> 2025-08-08 03:49:35 +0000
commit: e2a73b7e69275f21a7a44b1fe5e9908ec1228365 (patch)
tree: a2ebbc62971109b0cc6d8ff40940f533e09bcb38
parent: updated dependencies (diff)
download: blog-e2a73b7e69275f21a7a44b1fe5e9908ec1228365.tar.gz
blog-e2a73b7e69275f21a7a44b1fe5e9908ec1228365.zip
2 files changed, 44 insertions, 33 deletions
diff --git a/docker-compose-test.yaml b/docker-compose-test.yaml
index 7ac738e..e614d37 100644
--- a/docker-compose-test.yaml
+++ b/docker-compose-test.yaml
@@ -1,29 +1,67 @@
 version: "3.9"
 services:
+  nginx-crs:
+    image: owasp/modsecurity-crs:4.16.0-nginx-alpine-202506301206
+    deploy:
+      resources:
+        limits:
+          memory: 128M
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"
+    ports:
+      - 19010:8443
+    restart: unless-stopped
+    networks:
+      - blognet
+    environment:
+      - BACKEND="http://blog:9000"
+      - PROXY_SSL_CERT=/etc/letsencrypt/live/blog.terminaldweller.com/fullchain.pem
+      - PROXY_SSL_CER_KEY=/etc/letsencrypt/live/blog.terminaldweller.com/privkey.pem
+      - SSL_PORT=8443
+    volumes:
+      - ./certs/server.cert:/etc/letsencrypt/live/blog.terminaldweller.com/fullchain.pem:ro
+      - ./certs/server.key:/etc/letsencrypt/live/blog.terminaldweller.com/privkey.pem:ro
   blog:
     image: blog
     build:
       context: .
+    deploy:
+      resources:
+        limits:
+          memory: 128M
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"
+    restart: unless-stopped
     networks:
       - blognet
       - dbnet
     ports:
-      - "19009:9000"
+      - "127.0.0.1:19009:9000"
     cap_drop:
       - ALL
-    environment:
-      - SERVER_DEPLOYMENT_TYPE=test
-      - SERVER_LISTEN_PORT=9000
     depends_on:
+      - nginx-crs
       - mongo
     secrets:
       - mongo_user
       - mongo_pass
   mongo:
     image: mongo:7
+    deploy:
+      resources:
+        limits:
+          memory: 128M
+    logging:
+      driver: "json-file"
+      options:
+        max-size: "100m"
     networks:
       - dbnet
-    restart: on-failure
+    restart: unless-stopped
     ports:
       - "127.0.0.1:27117:27017"
       - "127.0.0.1:27118:27018"
diff --git a/server.js b/server.js
index cafce69..1271ca6 100755
--- a/server.js
+++ b/server.js
@@ -19,7 +19,6 @@ const mit = require("markdown-it")({ html: true })
     auto: true,
     code: true,
   });
-const spdy = require("spdy");
 const helmet = require("helmet");
 const morgan = require("morgan");
 const model = require("./model");
@@ -197,30 +196,4 @@ app.use((err, req, res) => {
   return res.status(500).send({ error: err });
 });
 
-if (process.env.SERVER_DEPLOYMENT_TYPE == "deployment") {
-  spdy
-    .createServer(
-      {
-        key: fs.readFileSync(
-          "/etc/letsencrypt/live/blog.terminaldweller.com/privkey.pem",
-          "utf-8",
-        ),
-        cert: fs.readFileSync(
-          "/etc/letsencrypt/live/blog.terminaldweller.com/fullchain.pem",
-          "utf-8",
-        ),
-      },
-      app,
-    )
-    .listen(process.env.SERVER_LISTEN_PORT || 9000);
-} else if (process.env.SERVER_DEPLOYMENT_TYPE == "test") {
-  spdy
-    .createServer(
-      {
-        key: fs.readFileSync("/certs/server.key", "utf-8"),
-        cert: fs.readFileSync("/certs/server.cert", "utf-8"),
-      },
-      app,
-    )
-    .listen(process.env.SERVER_LISTEN_PORT || 9000);
-}
+app.listen(9000, () => console.log("Server is running on port 9000"));
author	terminaldweller <devi@terminaldweller.com>	2025-08-08 03:49:35 +0000
committer	terminaldweller <devi@terminaldweller.com>	2025-08-08 03:49:35 +0000
commit	e2a73b7e69275f21a7a44b1fe5e9908ec1228365 (patch)
tree	a2ebbc62971109b0cc6d8ff40940f533e09bcb38
parent	updated dependencies (diff)
download	blog-e2a73b7e69275f21a7a44b1fe5e9908ec1228365.tar.gz blog-e2a73b7e69275f21a7a44b1fe5e9908ec1228365.zip