congsh/Arch1Panel
1
0
Fork 0
mirror of https://github.com/arch3rPro/1Panel-Appstore.git synced 2026-05-03 20:52:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

Remake Repository

Browse Source
This commit is contained in:
arch3rPro
2025-06-30 23:37:03 +08:00
parent d593e04bd7
commit e98d0faf79
420 changed files with 55489 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
apps/safeline/7.3.1/.env.sample
+5
View File
@@ -0,0 +1,5 @@
CONTAINER_NAME="safeline"
PANEL_APP_PORT_HTTP="40080"
POSTGRES_PASSWORD="password_xxJdZD"
SAFELINE_DIR="./data"
SUBNET_PREFIX="172.18.0"
apps/safeline/7.3.1/data.yml
+32
View File
@@ -0,0 +1,32 @@
additionalProperties:
formFields:
- default: ""
edit: true
envKey: POSTGRES_PASSWORD
labelEn: Postgres database User Password
labelZh: Postgres数据库密码
required: true
rule: paramCommon
type: password
- default: 40080
edit: true
envKey: PANEL_APP_PORT_HTTP
labelEn: Port
labelZh: 端口
required: true
rule: paramPort
type: number
- default: ./data
edit: true
envKey: SAFELINE_DIR
labelEn: Data storage folder
labelZh: 数据存放文件夹
required: true
type: text
- default: 172.18.0
edit: true
envKey: SUBNET_PREFIX
labelEn: 1panel-network subnet prefix (Check the docker network to get it)
labelZh: 1panel-network 子网前缀 (查看docker网络获取)
required: true
type: text
apps/safeline/7.3.1/docker-compose.yml
+162
View File
@@ -0,0 +1,162 @@
services:
safeline-mgt:
container_name: ${CONTAINER_NAME}-mgt
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.4
image: chaitin/safeline-mgt:7.3.1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${SAFELINE_DIR}/resources/mgt:/app/data
- ${SAFELINE_DIR}/logs/nginx:/app/log/nginx:z
- ${SAFELINE_DIR}/resources/sock:/app/sock
- /var/run:/app/run
ports:
- ${PANEL_APP_PORT_HTTP:-9443}:1443
healthcheck:
test: curl -k -f https://localhost:1443/api/open/health
environment:
- MGT_PG=postgres://safeline-ce:${POSTGRES_PASSWORD}@safeline-pg/safeline-ce?sslmode=disable
logging:
options:
max-size: "100m"
max-file: "5"
depends_on:
- safeline-pg
- safeline-fvm
labels:
createdBy: Apps
safeline-detector:
container_name: ${CONTAINER_NAME}-detector
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.5
image: chaitin/safeline-detector:7.3.1
volumes:
- ${SAFELINE_DIR}/resources/detector:/resources/detector
- ${SAFELINE_DIR}/logs/detector:/logs/detector
- /etc/localtime:/etc/localtime:ro
environment:
- LOG_DIR=/logs/detector
labels:
createdBy: Apps
safeline-tengine:
container_name: ${CONTAINER_NAME}-tengine
restart: always
image: chaitin/safeline-tengine:7.3.1
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/resolv.conf:/etc/resolv.conf:ro
- ${SAFELINE_DIR}/resources/nginx:/etc/nginx
- ${SAFELINE_DIR}/resources/detector:/resources/detector
- ${SAFELINE_DIR}/resources/chaos:/resources/chaos
- ${SAFELINE_DIR}/logs/nginx:/var/log/nginx:z
- ${SAFELINE_DIR}/resources/cache:/usr/local/nginx/cache
- ${SAFELINE_DIR}/resources/sock:/app/sock
environment:
- TCD_MGT_API=https://${SUBNET_PREFIX}.4:1443/api/open/publish/server
- SNSERVER_ADDR=${SUBNET_PREFIX}.5:8000
ulimits:
nofile: 131072
network_mode: host
labels:
createdBy: Apps
safeline-luigi:
container_name: ${CONTAINER_NAME}-luigi
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.7
image: chaitin/safeline-luigi:7.3.1
volumes:
- /etc/localtime:/etc/localtime:ro
- ${SAFELINE_DIR}/resources/luigi:/app/data
- ${SAFELINE_DIR}/logs/nginx:/app/log/nginx:z
environment:
- MGT_IP=${SUBNET_PREFIX}.4
logging:
options:
max-size: "100m"
max-file: "5"
depends_on:
- safeline-detector
- safeline-mgt
labels:
createdBy: Apps
safeline-fvm:
container_name: ${CONTAINER_NAME}-fvm
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.8
image: chaitin/safeline-fvm:7.3.1
volumes:
- /etc/localtime:/etc/localtime:ro
logging:
options:
max-size: "100m"
max-file: "5"
labels:
createdBy: Apps
safeline-pg:
container_name: ${CONTAINER_NAME}-pg
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.2
image: postgres:15.8
volumes:
- ${SAFELINE_DIR}/resources/postgres/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=safeline-ce
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
command: [postgres, -c, max_connections=600]
healthcheck:
test: pg_isready -U safeline-ce -d safeline-ce
labels:
createdBy: Apps
safeline-chaos:
container_name: ${CONTAINER_NAME}-chaos
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.10
image: chaitin/safeline-chaos:7.3.1
logging:
options:
max-size: "100m"
max-file: "5"
volumes:
- ${SAFELINE_DIR}/resources/sock:/app/sock
- ${SAFELINE_DIR}/resources/chaos:/app/chaos
labels:
createdBy: Apps
networks:
1panel-network:
external: true
safeline-ce:
name: safeline-ce
driver: bridge
ipam:
driver: default
config:
- gateway: ${SUBNET_PREFIX:?SUBNET_PREFIX required}.1
subnet: ${SUBNET_PREFIX}.0/24
driver_opts:
com.docker.network.bridge.name: safeline-ce
apps/safeline/7.6.2/.env.sample
+5
View File
@@ -0,0 +1,5 @@
CONTAINER_NAME="safeline"
PANEL_APP_PORT_HTTP="40080"
POSTGRES_PASSWORD="password_xxJdZD"
SAFELINE_DIR="./data"
SUBNET_PREFIX="172.18.0"
apps/safeline/7.6.2/data.yml
+32
View File
@@ -0,0 +1,32 @@
additionalProperties:
formFields:
- default: ""
edit: true
envKey: POSTGRES_PASSWORD
labelEn: Postgres database User Password
labelZh: Postgres数据库密码
required: true
rule: paramCommon
type: password
- default: 40080
edit: true
envKey: PANEL_APP_PORT_HTTP
labelEn: Port
labelZh: 端口
required: true
rule: paramPort
type: number
- default: ./data
edit: true
envKey: SAFELINE_DIR
labelEn: Data storage folder
labelZh: 数据存放文件夹
required: true
type: text
- default: 172.18.0
edit: true
envKey: SUBNET_PREFIX
labelEn: 1panel-network subnet prefix (Check the docker network to get it)
labelZh: 1panel-network 子网前缀 (查看docker网络获取)
required: true
type: text
apps/safeline/7.6.2/docker-compose.yml
+167
View File
@@ -0,0 +1,167 @@
services:
safeline-mgt:
container_name: ${CONTAINER_NAME}-mgt
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.4
image: chaitin/safeline-mgt:7.6.2
volumes:
- /etc/localtime:/etc/localtime:ro
- ${SAFELINE_DIR}/resources/mgt:/app/data
- ${SAFELINE_DIR}/logs/nginx:/app/log/nginx:z
- ${SAFELINE_DIR}/resources/sock:/app/sock
- /var/run:/app/run
ports:
- ${PANEL_APP_PORT_HTTP:-9443}:1443
healthcheck:
test: curl -k -f https://localhost:1443/api/open/health
environment:
- MGT_PG=postgres://safeline-ce:${POSTGRES_PASSWORD}@safeline-pg/safeline-ce?sslmode=disable
logging:
options:
max-size: "100m"
max-file: "5"
depends_on:
- safeline-pg
- safeline-fvm
labels:
createdBy: Apps
safeline-detector:
container_name: ${CONTAINER_NAME}-detector
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.5
image: chaitin/safeline-detector:7.6.2
volumes:
- ${SAFELINE_DIR}/resources/detector:/resources/detector
- ${SAFELINE_DIR}/logs/detector:/logs/detector
- /etc/localtime:/etc/localtime:ro
environment:
- LOG_DIR=/logs/detector
labels:
createdBy: Apps
safeline-tengine:
container_name: ${CONTAINER_NAME}-tengine
restart: always
image: chaitin/safeline-tengine:7.6.2
volumes:
- /etc/localtime:/etc/localtime:ro
- /etc/resolv.conf:/etc/resolv.conf:ro
- ${SAFELINE_DIR}/resources/nginx:/etc/nginx
- ${SAFELINE_DIR}/resources/detector:/resources/detector
- ${SAFELINE_DIR}/resources/chaos:/resources/chaos
- ${SAFELINE_DIR}/logs/nginx:/var/log/nginx:z
- ${SAFELINE_DIR}/resources/cache:/usr/local/nginx/cache
- ${SAFELINE_DIR}/resources/sock:/app/sock
environment:
- TCD_MGT_API=https://${SUBNET_PREFIX}.4:1443/api/open/publish/server
- TCD_SNSERVER=${SUBNET_PREFIX}.5:8000
- SNSERVER_ADDR=${SUBNET_PREFIX}.5:8000
- CHAOS_ADDR=${SUBNET_PREFIX}.10
ulimits:
nofile: 131072
network_mode: host
labels:
createdBy: Apps
safeline-luigi:
container_name: ${CONTAINER_NAME}-luigi
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.7
image: chaitin/safeline-luigi:7.6.2
volumes:
- /etc/localtime:/etc/localtime:ro
- ${SAFELINE_DIR}/resources/luigi:/app/data
- ${SAFELINE_DIR}/logs/nginx:/app/log/nginx:z
environment:
- MGT_IP=${SUBNET_PREFIX}.4
- LUIGI_PG=postgres://safeline-ce:${POSTGRES_PASSWORD}@safeline-pg/safeline-ce?sslmode=disable
logging:
options:
max-size: "100m"
max-file: "5"
depends_on:
- safeline-detector
- safeline-mgt
labels:
createdBy: Apps
safeline-fvm:
container_name: ${CONTAINER_NAME}-fvm
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.8
image: chaitin/safeline-fvm:7.6.2
volumes:
- /etc/localtime:/etc/localtime:ro
logging:
options:
max-size: "100m"
max-file: "5"
labels:
createdBy: Apps
safeline-pg:
container_name: ${CONTAINER_NAME}-pg
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.2
image: safeline-postgres:15.2
volumes:
- ${SAFELINE_DIR}/resources/postgres/data:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
environment:
- POSTGRES_USER=safeline-ce
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
command: [postgres, -c, max_connections=600]
healthcheck:
test: pg_isready -U safeline-ce -d safeline-ce
labels:
createdBy: Apps
safeline-chaos:
container_name: ${CONTAINER_NAME}-chaos
restart: always
networks:
1panel-network:
safeline-ce:
ipv4_address: ${SUBNET_PREFIX}.10
image: chaitin/safeline-chaos:7.6.2
logging:
options:
max-size: "100m"
max-file: "5"
volumes:
- ${SAFELINE_DIR}/resources/sock:/app/sock
- ${SAFELINE_DIR}/resources/chaos:/app/chaos
environment:
- DB_ADDR=postgres://safeline-ce:${POSTGRES_PASSWORD}@safeline-pg/safeline-ce?sslmode=disable
labels:
createdBy: Apps
networks:
1panel-network:
external: true
safeline-ce:
name: safeline-ce
driver: bridge
ipam:
driver: default
config:
- gateway: ${SUBNET_PREFIX:?SUBNET_PREFIX required}.1
subnet: ${SUBNET_PREFIX}.0/24
driver_opts:
com.docker.network.bridge.name: safeline-ce
apps/safeline/README.md
+58
View File
@@ -0,0 +1,58 @@
<p align="center">
<img src="https://github.com/chaitin/SafeLine/blob/main/images/banner.png?raw=true" width="400" />
</p>
<h4 align="center">
SafeLine - 雷池 - 不让黑客越过半步
</h4>
<p align="center">
<a target="_blank" href="https://waf-ce.chaitin.cn/">🏠 官网</a> &nbsp; | &nbsp;
<a target="_blank" href="https://docs.waf-ce.chaitin.cn/">📖 文档</a> &nbsp; | &nbsp;
<a target="_blank" href="https://demo.waf-ce.chaitin.cn:9443/">🔍 演示环境</a> &nbsp; | &nbsp;
<a target="_blank" href="/images/wechat.png">🙋‍♂️ 社区微信群</a> &nbsp; | &nbsp;
<a target="_blank" href="https://github.com/chaitin/SafeLine">国际版</a>
</p>
## 👋 项目介绍
SafeLine,中文名 "雷池",是一款简单好用, 效果突出的 **`Web 应用防火墙(WAF)`**,可以保护 Web 服务不受黑客攻击。
雷池通过过滤和监控 Web 应用与互联网之间的 HTTP 流量来保护 Web 服务。可以保护 Web 服务免受 `SQL 注入``XSS``代码注入``命令注入``CRLF 注入``ldap 注入``xpath 注入``RCE``XXE``SSRF``路径遍历``后门``暴力破解``CC``爬虫` 等攻击。
#### 💡 工作原理
[![img](https://github.com/chaitin/SafeLine/raw/main/images/how-it-works.png)](https://github.com/chaitin/SafeLine/blob/main/images/how-it-works.png)
雷池通过阻断流向 Web 服务的恶意 HTTP 流量来保护 Web 服务。雷池作为反向代理接入网络,通过在 Web 服务前部署雷池,可在 Web 服务和互联网之间设置一道屏障。
雷池的核心功能如下:
- 防护 Web 攻击
- 防爬虫, 防扫描
- 前端代码动态加密
- 基于源 IP 的访问速率限制
- HTTP 访问控制
#### ⚡️ 项目截图
| [![img](https://github.com/chaitin/SafeLine/raw/main/images/screenshot-1.png)](https://github.com/chaitin/SafeLine/blob/main/images/screenshot-1.png) | [![img](https://github.com/chaitin/SafeLine/raw/main/images/screenshot-2.png)](https://github.com/chaitin/SafeLine/blob/main/images/screenshot-2.png) |
| ------------------------------------------------------------ | ------------------------------------------------------------ |
| [![img](https://github.com/chaitin/SafeLine/raw/main/images/screenshot-3.png)](https://github.com/chaitin/SafeLine/blob/main/images/screenshot-3.png) | [![img](https://github.com/chaitin/SafeLine/raw/main/images/screenshot-4.png)](https://github.com/chaitin/SafeLine/blob/main/images/screenshot-4.png) |
查看 [演示环境](https://demo.waf-ce.chaitin.cn:9443/)
## 🔥 核心能力
对于你的网站而言, 雷池可以实现如下效果:
- `阻断 Web 攻击`
- 可以防御所有的 Web 攻击,例如 `SQL 注入``XSS``代码注入``操作系统命令注入``CRLF 注入``XXE``SSRF``路径遍历` 等等。
- `限制访问频率`
- 限制用户的访问速率,让 Web 服务免遭 `CC 攻击``暴力破解``流量激增` 和其他类型的滥用。
- `人机验证`
- 互联网上有来自真人用户的流量,但更多的是由爬虫, 漏洞扫描器, 蠕虫病毒, 漏洞利用程序等自动化程序发起的流量,开启雷池的人机验证功能后真人用户会被放行,恶意爬虫将会被阻断。
- `身份认证`
- 雷池的 "身份认证" 功能可以很好的解决 "未授权访问" 漏洞,当用户访问您的网站时,需要输入您配置的用户名和密码信息,不持有认证信息的用户将被拒之门外。
- `动态防护`
- 在用户浏览到的网页内容不变的情况下,将网页赋予动态特性,对 HTML 和 JavaScript 代码进行动态加密,确保每次访问时这些代码都以随机且独特的形态呈现。
apps/safeline/data.yml
+22
View File
@@ -0,0 +1,22 @@
name: Safeline
tags:
- 实用工具
title: 一款足够简单、足够好用、足够强的免费 WAF
description: 一款足够简单、足够好用、足够强的免费 WAF
additionalProperties:
key: safeline
name: Safeline 雷池
tags:
- Security
shortDescZh: 一款足够简单、足够好用、足够强的免费 WAF
shortDescEn: A simple and easy to use WAF tool
description:
zh: 一款足够简单、足够好用、足够强的免费 WAF
en: A simple and easy to use WAF tool
type: tool
crossVersionUpdate: true
limit: 1
recommend: 0
website: https://waf-ce.chaitin.cn/
github: https://github.com/chaitin/safeline
document: https://waf-ce.chaitin.cn/posts/guide_introduction
apps/safeline/logo.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 3.3 KiB