Update security-txt service rule in docker-compose.yml

Utesgui · Jul 19, 2024 · 1d9e526 · 1d9e526
1 parent 2e557b7
commit 1d9e526
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -1,2 +1,21 @@
 # security.txt
 Takes an Email-Address (or any other string) and serves it under /security.txt (RFC 5785) as plain text.
+
+# Usage
+## Portainer - Repository 
+Use this repo via git in Portainer directly. 
+Just add the following URL to your stack:  
+```https://github.com/Utesgui/security.txt```  
+As well as a environment variable:  
+```SECURITY_STRING=something```  
+If necessary, you can also change the path the file is served  
+```PATH=/betterpath.json``` -> default is /security.txt
+![url to repo, add variable](/assets/stacksettings.png)
+
+## Docker-Compose
+Use the docker-compose.yml file and change it to your liking.  
+Then use `docker-compose up -d` to start the container or Portainer to deploy the stack.
+
+# Variables
+- ```SECURITY_STRING```: The string that should be served under /security.txt
+- ```PATH```: The path the file is served under. Default is /security.txt
diff --git a/assets/stacksettings.png b/assets/stacksettings.png
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -4,6 +4,7 @@ services:
     image: git.b0t.at/b0t-at/security.txt:latest
     environment:
       - SECURITY_STRING=${SECURITY_STRING}
+      - PATH=${PATH:-/security.txt}
 #    volumes:
 #      - /opt/security-txt/public_html:/usr/share/nginx/html
 #    ports:
@@ -14,7 +15,7 @@ services:
       - "com.centurylinklabs.watchtower.enable=true"
       - "traefik.enable=true"
       - "traefik.docker.network=proxy"
-      - traefik.http.routers.security-txt.rule=PathRegexp(`security\.txt$`)
+      - traefik.http.routers.security-txt.rule=Path(`${PATH:-/security.txt}`)
       - "traefik.http.routers.security-txt.entrypoints=https,http"
       - "traefik.http.routers.security-txt.priority=420"
       - "traefik.http.routers.security-txt.tls.certresolver=le-tls" # le-dns, le-tls, le-http

diff --git a/entrypoint.sh b/entrypoint.sh
@@ -7,7 +7,7 @@ if [ -z "$SECURITY_STRING" ]; then
 fi
 
 # Write the content of SECURITY_STRING to /usr/share/nginx/html/security.txt
-echo "$SECURITY_STRING" > /usr/share/nginx/html/security.txt
+echo "$SECURITY_STRING" > /usr/share/nginx/html/$PATH
 
 # Execute the CMD from the Dockerfile, keeping nginx in the foreground
 exec "$@"