chore: update naming and use crs-version where needed

[fzipi]

• use crs-version parameter to generate documentation
• change naming from owasp-modsecurity-crs to coreruleset

[dune73]

Why do you do a folder coreruleset instead of crs?

[fzipi]

That's how we provide our tarballs. If we want to rename everything, we can, but not before tomorrow, right?

We need to rename our main repo from coreruleset/coreruleset to coreruleset/crs, basically. And change everything around (docs, wiki, installer, links).

[dune73]

No, that's not what I am talking about. I'm talking about

tar -zxvf v{{< param crs_latest_release >}}.tar.gz -C /etc/httpd/modsecurity.d/coreruleset

If you do this to mirror the repo name, then cool. But it's obviously an arbitrary choice (and better than owasp-modsecurity-crs.

[fzipi]

What about now?

[dune73]

Very good thanks.

What I see still missing is the plugins includes. Going to comment in code.

[dune73]

Ah, no, need to comment here, since you did not touch those lines:

Include modsecurity.d/crs/crs-setup.conf

Include modsecurity.d/crs/plugins/*-config.conf
Include modsecurity.d/crs/plugins/*-before.conf

Include modsecurity.d/crs/rules/*.conf

Include modsecurity.d/crs/plugins/*-after.conf

[fzipi]

What about the nginx version?

[fzipi]

ping @dune73

[dune73]

Sorry, I do not get the question. What's with nginx? Same layout, I think.

[fzipi]

So include works the same way in nginx?

[dune73]

@airween could you please confirm?

[dune73]

There is a problem with the tar now:

tar -zxvf v{{< param crs_latest_release >}}.tar.gz -C /etc/httpd/modsecurity.d/crs

We're likely ending up with something along modsecurity.d/crs/coreruleset-nightly.

Not sure how we want to deal with this.

[dune73]

The extended install lacks the extraction step.

I suggest to fix the tar above and then to copy that over to the extended install.

[dune73]

Please update gpg --verify coreruleset-3.3.2.tar.gz.asc v3.3.2.tar.gz to v4. (can't comment in the file since you did not touch this).

we can't until release.

[airween]

Ah, no, need to comment here, since you did not touch those lines:

Include modsecurity.d/crs/crs-setup.conf

Include modsecurity.d/crs/plugins/*-config.conf
Include modsecurity.d/crs/plugins/*-before.conf

Include modsecurity.d/crs/rules/*.conf

Include modsecurity.d/crs/plugins/*-after.conf

This works for me with Nginx (with different directory name) - but everything is the same.

Include /PATH/TO/CRS/crs-setup.conf

Include /PATH/TO/CRS/plugins/*-config.conf
Include /PATH/TO/CRS/plugins/*-before.conf

Include /PATH/TO/CRS/rules/*.conf

Include /PATH/TO/CRS/plugins/*-after.conf

[fzipi]

Then this Include simplifies everything. But there is no IncludeOptional... right? So it may fail if you don't have plugins.

[airween]

Then this Include simplifies everything. But there is no IncludeOptional... right? So it may fail if you don't have plugins.

Yes, Nginx does not support IncludeOptional at all.

[dune73]

That's why we ship with

dune73@leander plugins>l
total 12K
drwxr-xr-x  2 dune73 dune73 4.0K Nov 23 09:38 .
drwxr-xr-x 10 dune73 dune73 4.0K Feb 14 14:41 ..
-rw-r--r--  1 dune73 dune73    0 Nov 23 09:38 empty-after.conf
-rw-r--r--  1 dune73 dune73    0 Nov 23 09:38 empty-before.conf
-rw-r--r--  1 dune73 dune73    0 Nov 23 09:38 empty-config.conf

[fzipi]

All reviews addressed now.

[dune73]

OK, then let's go. We can always update again for the website.