Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

path-matching #1

Merged
dkam merged 7 commits from path-matching into main 2025-11-15 01:55:46 +00:00
Conversation 0 Commits 7 Files Changed 102 +76 -9
1 changed files with 76 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit 5e5198f113 - Show all commits

85
README.md
View File

@@ -20,25 +20,98 @@ Baffle Hub provides intelligent Web Application Firewall (WAF) analytics with au
- Basic analytics dashboard
- Background job processing system
- Docker deployment setup
- Forward auth endpoint implementation ( see Baffle-agent )
### 🚧 In Progress
- Rule management framework
- IP range blocking rules
- Country-based blocking (via IP ranges)
- Forward auth endpoint implementation
- Path based blocking
- Rate limiting engine
- Real-time rule updates ( 10 - 20 second )
### 📋 TODO
- Advanced pattern analysis and threat detection
- Automatic rule generation algorithms
- Rate limiting engine
- Challenge/redirect mechanisms
- Unix socket support for ultra-low latency
- Multi-node rule synchronization
- Advanced analytics visualizations
- Real-time rule updates
### Unlikely to Do
- Complete OSWAP capabilities
## Quick Start
### With Docker
```yaml
services:
# PostgreSQL database
postgres:
image: postgres:18-alpine
environment:
POSTGRES_DB: baffle_hub_production
POSTGRES_USER: baffle_hub
POSTGRES_PASSWORD: ${BAFFLE_HUB_DATABASE_PASSWORD:-abcbafflehub123}
volumes:
- postgres_data:/var/lib/postgresql/data
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U baffle_hub -d baffle_hub_production"]
interval: 30s
timeout: 10s
retries: 3
# Web instance
web:
image: git.booko.info/dkam/baffle-hub:v0.1.3-dev
environment:
RAILS_ENV: production
SECRET_KEY_BASE: ${SECRET_KEY_BASE}
BAFFLE_HUB_DATABASE_PASSWORD: ${BAFFLE_HUB_DATABASE_PASSWORD:-bafflehub123}
DATABASE_URL: postgres://baffle_hub:${BAFFLE_HUB_DATABASE_PASSWORD:-bafflehub123}@postgres:5432/baffle_hub_production
# Disable Solid Queue in Puma for web instance
SOLID_QUEUE_IN_PUMA: false
BAFFLE_HOST: ${BAFFLE_HOST}
OIDC_CLIENT_ID: ${OIDC_CLIENT_ID}
OIDC_CLIENT_SECRET: ${OIDC_CLIENT_SECRET}
OIDC_DISCOVERY_URL: ${OIDC_DISCOVERY_URL}
ports:
- "${HOST_IP}:3003:3000"
volumes:
- ./log:/app/log
- ./tmp:/app/tmp
- ./storage:/rails/storage
# depends_on:
# postgres:
# condition: service_healthy
restart: unless-stopped
# command: bundle exec puma -C config/puma.rb
# Jobs instance (Solid Queue worker)
jobs:
image: git.booko.info/dkam/baffle-hub:v0.1.3-dev
environment:
RAILS_ENV: production
SECRET_KEY_BASE: ${SECRET_KEY_BASE}
BAFFLE_HUB_DATABASE_PASSWORD: ${BAFFLE_HUB_DATABASE_PASSWORD:-bafflehub123}
DATABASE_URL: postgres://baffle_hub:${BAFFLE_HUB_DATABASE_PASSWORD:-bafflehub123}@postgres:5432/baffle_hub_production
volumes:
- ./log:/app/log
- ./tmp:/app/tmp
- ./storage:/rails/storage
# depends_on:
# postgres:
# condition: service_healthy
restart: unless-stopped
command: bin/jobs
volumes:
postgres_data:
```
### Prerequisites
- Ruby 3.x
@@ -64,12 +137,6 @@ rails db:create db:migrate
rails server
```
### With Docker
```bash
# Build and run
docker-compose up -d
```
## Architecture