kot.pink / caddy-anubis
Anubis module for Caddy
fork atom

Add difficulty and policy_fname

kot.pink ef72e3ca 12b9a00b

options
unified split
Changed files
+48 -9
caddy_anubis.go
example
Caddyfile
botPolicy.yaml
+17 -6
caddy_anubis.go 
···

       
2

       
2

       
 

       



     

       
3

       
3

       
 

       
import (


     

       
4

       
4

       
 

       
	"fmt"


     

       
5

       

       
-

       
	"log/slog"


     

       
6

       
5

       
 

       
	"net"


     

       
7

       
6

       
 

       
	"net/http"


     

       

       
7

       
+

       
	"strconv"


     

       
8

       
8

       
 

       



     

       
9

       
9

       
 

       
	"github.com/TecharoHQ/anubis"


     

       
10

       
10

       
 

       
	libanubis "github.com/TecharoHQ/anubis/lib"


     
···

       
48

       
48

       
 

       
func (m *AnubisMiddleware) Provision(ctx caddy.Context) error {


     

       
49

       
49

       
 

       
	m.log = ctx.Logger(m)


     

       
50

       
50

       
 

       



     

       
51

       

       
-

       
	slog.SetLogLoggerLevel(slog.LevelDebug) // TODO: customizable log level


     

       

       
51

       
+

       
	// slog.SetLogLoggerLevel(slog.LevelDebug) // TODO: customizable log level


     

       
52

       
52

       
 

       



     

       
53

       
53

       
 

       
	m.log.Debug("loading anubis policies", zap.String("policy_file", m.PolicyFname), zap.Int("default_difficulty", m.DefaultDifficulty))


     

       
54

       
54

       
 

       
	policy, err := libanubis.LoadPoliciesOrDefault(ctx, m.PolicyFname, m.DefaultDifficulty)


     
···

       
92

       
92

       
 

       
	m.Options.CookieSecure = true // TODO: temporary


     

       
93

       
93

       
 

       



     

       
94

       
94

       
 

       
	for nesting := d.Nesting(); d.NextBlock(nesting); {


     

       

       
95

       
+

       
		var err error


     

       

       
96

       
+

       



     

       
95

       
97

       
 

       
		switch d.Val() {


     

       
96

       

       
-

       
			case "target":


     

       
97

       

       
-

       
			case "opengraph":


     

       
98

       

       
-

       
				m.Options.OpenGraph.Enabled = true


     

       
99

       

       
-

       



     

       

       
98

       
+

       
		case "difficulty":


     

       

       
99

       
+

       
			if !d.Next() {


     

       

       
100

       
+

       
				return d.ArgErr()


     

       

       
101

       
+

       
			}


     

       

       
102

       
+

       
			m.DefaultDifficulty, err = strconv.Atoi(d.Val())


     

       

       
103

       
+

       
			if err != nil {


     

       

       
104

       
+

       
				return d.WrapErr(err)


     

       

       
105

       
+

       
			}


     

       

       
106

       
+

       
		case "policy_fname":


     

       

       
107

       
+

       
			if !d.Next() {


     

       

       
108

       
+

       
				return d.ArgErr()


     

       

       
109

       
+

       
			}


     

       

       
110

       
+

       
			m.PolicyFname = d.Val()


     

       
100

       
111

       
 

       
		}


     

       
101

       
112

       
 

       
	} // anubis options


     

       
102

       
113
+17 -3
example/Caddyfile 
···

       
1

       
1

       
 

       
localhost {


     

       

       
2

       
+

       
    log {


     

       

       
3

       
+

       
        level debug


     

       

       
4

       
+

       
    }


     

       

       
5

       
+

       



     

       
2

       
6

       
 

       
	@anubis {


     

       
3

       

       
-

       
		path / # don't let AI scrapers list files!


     

       
4

       

       
-

       
		path /.within.website/* # required


     

       

       
7

       
+

       
	    # This matcher allows you to select specific paths for Anubis to handle.


     

       

       
8

       
+

       
		# If you want to handle all paths, remove this block and use `anubis {...}` instead!


     

       

       
9

       
+

       
		path / # don't let AI scrapers browse the file index


     

       

       
10

       
+

       
		path /.within.website/* # required for anubis to work


     

       

       
11

       
+

       



     

       

       
12

       
+

       
		not path /api/* # exclude api routes from anubis


     

       
5

       
13

       
 

       
	}


     

       
6

       
14

       
 

       



     

       
7

       
15

       
 

       
	anubis @anubis {


     

       

       
16

       
+

       
	    # This setting gets overridden a lot by the default bot policy.


     

       

       
17

       
+

       
	    difficulty 4


     

       

       
18

       
+

       



     

       

       
19

       
+

       
		# Custom bot policy


     

       

       
20

       
+

       
		policy_fname example/botPolicy.yaml


     

       

       
21

       
+

       



     

       
8

       
22

       
 

       
		# FIXME: required for OpenGraph passthrough!


     

       
9

       

       
-

       
		## TODO: access backend directly somehow?


     

       

       
23

       
+

       
		## TODO: access upstream directly somehow?


     

       
10

       
24

       
 

       
		##   otherwise anubis may trigger itself


     

       
11

       
25

       
 

       
		##   additionally, https://github.com/TecharoHQ/anubis/issues/329


     

       
12

       
26

       
 

       
		# target http://localhost:8080
+14
example/botPolicy.yaml 
···

       

       
1

       
+

       
{


     

       

       
2

       
+

       
    "bots": [


     

       

       
3

       
+

       
        {


     

       

       
4

       
+

       
            "name": "Denied route",


     

       

       
5

       
+

       
            "path_regex": "/deny",


     

       

       
6

       
+

       
            "action": "DENY"


     

       

       
7

       
+

       
        },


     

       

       
8

       
+

       
        {


     

       

       
9

       
+

       
            "name": "Generic browser",


     

       

       
10

       
+

       
            "user_agent_regex": "Mozilla",


     

       

       
11

       
+

       
            "action": "CHALLENGE"


     

       

       
12

       
+

       
        }


     

       

       
13

       
+

       
    ]


     

       

       
14

       
+

       
}