b0a4d75a2a
- Updated SecurityConfig model to only support 'local' or 'disabled' modes for CrowdSec. - Modified related logic in the manager and services to reject external mode. - Adjusted tests to validate the new restrictions on CrowdSec modes. - Updated frontend components to remove references to external mode and provide appropriate user feedback. - Enhanced documentation to reflect the removal of external CrowdSec mode support.
28 lines
1.3 KiB
Go
28 lines
1.3 KiB
Go
package models
|
|
|
|
import (
|
|
"time"
|
|
)
|
|
|
|
// SecurityConfig represents global Cerberus/CrowdSec/WAF/RateLimit settings
|
|
// used by the server and propagated into the generated Caddy config.
|
|
type SecurityConfig struct {
|
|
ID uint `json:"id" gorm:"primaryKey"`
|
|
UUID string `json:"uuid" gorm:"uniqueIndex"`
|
|
Name string `json:"name" gorm:"index"`
|
|
Enabled bool `json:"enabled"`
|
|
AdminWhitelist string `json:"admin_whitelist" gorm:"type:text"` // JSON array or comma-separated CIDRs
|
|
BreakGlassHash string `json:"-" gorm:"column:break_glass_hash"`
|
|
CrowdSecMode string `json:"crowdsec_mode"` // "disabled" or "local"
|
|
CrowdSecAPIURL string `json:"crowdsec_api_url" gorm:"type:text"`
|
|
WAFMode string `json:"waf_mode"` // "disabled", "monitor", "block"
|
|
WAFRulesSource string `json:"waf_rules_source" gorm:"type:text"` // URL or name of ruleset
|
|
WAFLearning bool `json:"waf_learning"`
|
|
RateLimitEnable bool `json:"rate_limit_enable"`
|
|
RateLimitBurst int `json:"rate_limit_burst"`
|
|
RateLimitRequests int `json:"rate_limit_requests"`
|
|
RateLimitWindowSec int `json:"rate_limit_window_sec"`
|
|
CreatedAt time.Time `json:"created_at"`
|
|
UpdatedAt time.Time `json:"updated_at"`
|
|
}
|