From c84f06030d567b30116caeafcca7180404d8979c Mon Sep 17 00:00:00 2001
From: Sean Teo <sawntoe@gmail.com>
Date: Mon, 8 Apr 2024 16:23:43 +0800
Subject: [PATCH 1/2] add caddy

---
 docker-compose.yml          | 20 ++++++++++++++++----
 docker-misc/caddy/Caddyfile |  7 +++++++
 2 files changed, 23 insertions(+), 4 deletions(-)
 create mode 100644 docker-misc/caddy/Caddyfile

diff --git a/docker-compose.yml b/docker-compose.yml
index 843c911..a927e80 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -12,16 +12,28 @@ services:
         - RUNNER_DB=runner_db #db for runner
     ports:
       - '5432:5432' #meant for script to add/update challs
-  nginx:
-    container_name: nginx
-    hostname: nginx
-    build: ./docker-misc/nginx/
+
+  caddy:
     restart: always
     ports:
       - "80:80"
       - "443:443"
     links:
       - "webapp"
+    volumes:
+      - ./docker-misc/caddy/Caddyfile
+
+
+#    nginx:
+#      container_name: nginx
+#      hostname: nginx
+#      build: ./docker-misc/nginx/
+#      restart: always
+#      ports:
+#        - "80:80"
+#        - "443:443"
+#      links:
+#        - "webapp"
   webapp:
     build:
       context: ./
diff --git a/docker-misc/caddy/Caddyfile b/docker-misc/caddy/Caddyfile
new file mode 100644
index 0000000..4da8286
--- /dev/null
+++ b/docker-misc/caddy/Caddyfile
@@ -0,0 +1,7 @@
+https://dunhack.me {
+    @sectool {
+        header_regexp User-Agent ^w3af.sourceforge.net|dirbuster|nikto|SF|sqlmap|fimap|nessus|whatweb|Openvas|jbrofuzz|libwhisker|webshag
+    }
+    respond @sectool 403
+    reverse_proxy http://webapp:3000
+}

From 3a11d452b4ae4e88183316124e22040b79833eff Mon Sep 17 00:00:00 2001
From: Sean Teo <sawntoe@gmail.com>
Date: Mon, 8 Apr 2024 16:37:02 +0800
Subject: [PATCH 2/2] fix dockerfile

---
 docker-compose.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index a927e80..e0facf6 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -14,6 +14,7 @@ services:
       - '5432:5432' #meant for script to add/update challs
 
   caddy:
+    image: caddy:latest
     restart: always
     ports:
       - "80:80"
@@ -21,7 +22,7 @@ services:
     links:
       - "webapp"
     volumes:
-      - ./docker-misc/caddy/Caddyfile
+      - ./docker-misc/caddy/Caddyfile:/etc/caddy/Caddyfile
 
 
 #    nginx: