{ "apiVersion": "apps/v1", "kind": "Deployment", "metadata": { "labels": { "app.kubernetes.io/managed-by": "flowercore", "app.kubernetes.io/name": "php-waf" }, "name": "php-waf", "namespace": "fc-php" }, "spec": { "progressDeadlineSeconds": 600, "replicas": 1, "revisionHistoryLimit": 10, "selector": { "matchLabels": { "app.kubernetes.io/name": "php-waf" } }, "strategy": { "type": "Recreate" }, "template": { "metadata": { "labels": { "app.kubernetes.io/name": "php-waf" } }, "spec": { "containers": [ { "env": [ { "name": "BACKEND", "value": "http://php-web.fc-php.svc.cluster.local:5400" }, { "name": "SERVER_NAME", "value": "php.iamworkin.lan" }, { "name": "PORT", "value": "8080" }, { "name": "PROXY_PRESERVE_HOST", "value": "on" }, { "name": "PROXY_TIMEOUT", "value": "60s" }, { "name": "MODSEC_RULE_ENGINE", "value": "On" }, { "name": "MODSEC_AUDIT_ENGINE", "value": "RelevantOnly" }, { "name": "MODSEC_AUDIT_LOG", "value": "/dev/stdout" }, { "name": "MODSEC_AUDIT_LOG_TYPE", "value": "Serial" }, { "name": "LOGLEVEL", "value": "warn" }, { "name": "ERRORLOG", "value": "/dev/stderr" }, { "name": "ACCESSLOG", "value": "/dev/stdout" }, { "name": "BLOCKING_PARANOIA", "value": "1" }, { "name": "DETECTION_PARANOIA", "value": "1" }, { "name": "ANOMALY_INBOUND", "value": "5" }, { "name": "ANOMALY_OUTBOUND", "value": "4" } ], "image": "owasp/modsecurity-crs:4.25-nginx-alpine-lts@sha256:88b59911549723e71beabf3b4aa47bbd31b00e79401f442e65ddfc430ae46343", "imagePullPolicy": "IfNotPresent", "livenessProbe": { "failureThreshold": 3, "httpGet": { "httpHeaders": [ { "name": "Host", "value": "php.iamworkin.lan" } ], "path": "/healthz", "port": 8080, "scheme": "HTTP" }, "initialDelaySeconds": 20, "periodSeconds": 30, "successThreshold": 1, "timeoutSeconds": 2 }, "name": "php-waf", "ports": [ { "containerPort": 8080, "name": "http", "protocol": "TCP" } ], "readinessProbe": { "failureThreshold": 3, "httpGet": { "httpHeaders": [ { "name": "Host", "value": "php.iamworkin.lan" } ], "path": "/healthz", "port": 8080, "scheme": "HTTP" }, "initialDelaySeconds": 10, "periodSeconds": 10, "successThreshold": 1, "timeoutSeconds": 2 }, "resources": { "limits": { "cpu": "500m", "memory": "512Mi" }, "requests": { "cpu": "100m", "memory": "128Mi" } }, "securityContext": { "allowPrivilegeEscalation": false, "capabilities": { "drop": [ "ALL" ] } }, "terminationMessagePath": "/dev/termination-log", "terminationMessagePolicy": "File" } ], "enableServiceLinks": false, "restartPolicy": "Always", "schedulerName": "default-scheduler", "securityContext": { "fsGroup": 101, "runAsGroup": 101, "runAsNonRoot": true, "runAsUser": 101 }, "serviceAccount": "php-web", "serviceAccountName": "php-web", "terminationGracePeriodSeconds": 30 } } } }