From 093b1b890e5da1c78554f205262dbac31c57bf58 Mon Sep 17 00:00:00 2001
From: Aidaho <aidaho@roxy-wi.org>
Date: Thu, 4 Apr 2024 17:26:06 +0300
Subject: [PATCH] v7.2.2.0: Update WAF nginx module path in Ansible scripts

Path of the WAF nginx module in Ansible scripts has been updated from NGINX_PATH to SERVICE_PATH. This refactoring enhances the organization of the configuration files and improves code base understanding. Changes have been applied in the WAF configuration and service execution files.
---
 .../roles/waf/templates/waf.service.j2        |  2 +-
 .../roles/waf_nginx/templates/waf.conf.j2     | 62 +++++++++----------
 app/templates/install.html                    |  4 +-
 3 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/app/scripts/ansible/roles/waf/templates/waf.service.j2 b/app/scripts/ansible/roles/waf/templates/waf.service.j2
index d45cae41..fdcdda05 100644
--- a/app/scripts/ansible/roles/waf/templates/waf.service.j2
+++ b/app/scripts/ansible/roles/waf/templates/waf.service.j2
@@ -3,7 +3,7 @@ Description=HAProxy WAF
 After=syslog.target network.target
 
 [Service]
-ExecStart={{HAPROXY_PATH}}/waf/bin/modsecurity -n 4 -f {{HAPROXY_PATH}}/waf/modsecurity.conf
+ExecStart={{SERVICE_PATH}}/waf/bin/modsecurity -n 4 -f {{SERVICE_PATH}}/waf/modsecurity.conf
 ExecReload=/bin/kill -USR2 $MAINPID
 KillMode=mixed
 
diff --git a/app/scripts/ansible/roles/waf_nginx/templates/waf.conf.j2 b/app/scripts/ansible/roles/waf_nginx/templates/waf.conf.j2
index 88be7bee..858a46b6 100644
--- a/app/scripts/ansible/roles/waf_nginx/templates/waf.conf.j2
+++ b/app/scripts/ansible/roles/waf_nginx/templates/waf.conf.j2
@@ -1,31 +1,31 @@
-Include {{ NGINX_PATH }}/waf/modsecurity.conf
-Include {{ NGINX_PATH }}/waf/rulescrs-setup.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-901-INITIALIZATION.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-903.9004-DOKUWIKI-EXCLUSION-RULES.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-903.9005-CPANEL-EXCLUSION-RULES.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-903.9006-XENFORO-EXCLUSION-RULES.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-910-IP-REPUTATION.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-911-METHOD-ENFORCEMENT.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-912-DOS-PROTECTION.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-913-SCANNER-DETECTION.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-921-PROTOCOL-ATTACK.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-934-APPLICATION-ATTACK-NODEJS.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf
-Include {{ NGINX_PATH }}/waf/rules/REQUEST-949-BLOCKING-EVALUATION.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-959-BLOCKING-EVALUATION.conf
-Include {{ NGINX_PATH }}/waf/rules/RESPONSE-980-CORRELATION.conf
+Include {{ SERVICE_PATH }}/waf/modsecurity.conf
+Include {{ SERVICE_PATH }}/waf/rulescrs-setup.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-901-INITIALIZATION.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-903.9001-DRUPAL-EXCLUSION-RULES.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-903.9003-NEXTCLOUD-EXCLUSION-RULES.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-903.9004-DOKUWIKI-EXCLUSION-RULES.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-903.9005-CPANEL-EXCLUSION-RULES.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-903.9006-XENFORO-EXCLUSION-RULES.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-905-COMMON-EXCEPTIONS.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-910-IP-REPUTATION.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-911-METHOD-ENFORCEMENT.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-912-DOS-PROTECTION.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-913-SCANNER-DETECTION.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-921-PROTOCOL-ATTACK.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-934-APPLICATION-ATTACK-NODEJS.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-944-APPLICATION-ATTACK-JAVA.conf
+Include {{ SERVICE_PATH }}/waf/rules/REQUEST-949-BLOCKING-EVALUATION.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-959-BLOCKING-EVALUATION.conf
+Include {{ SERVICE_PATH }}/waf/rules/RESPONSE-980-CORRELATION.conf
diff --git a/app/templates/install.html b/app/templates/install.html
index 8dd7505e..66f0b8e9 100644
--- a/app/templates/install.html
+++ b/app/templates/install.html
@@ -39,8 +39,8 @@
 				</td>
 				<td class="padding10 first-collumn" style="width: 20%;">
 					{% set values = dict() %}
-					{% set values = {'2.4.23-1':'2.4.23-1','2.5.14-1':'2.5.14-1', '2.6.14-1':'2.6.14-1','2.7.9-1':'2.7.9-1','2.8.1-1':'2.8.1-1','2.9.5-1':'2.9.5-1'} %}
-					{{ select('hapver',  values=values, selected='2.9.5-1', required='required') }}
+					{% set values = {'2.4.23-1':'2.4.23-1','2.5.14-1':'2.5.14-1', '2.6.14-1':'2.6.14-1','2.7.9-1':'2.7.9-1','2.8.1-1':'2.8.1-1','2.9.6-1':'2.9.6-1'} %}
+					{{ select('hapver',  values=values, selected='2.9.6-1', required='required') }}
 				</td>
 				<td class="padding10 first-collumn">
 					<select autofocus required name="haproxyaddserv" id="haproxyaddserv">