DevFW-CICD/ingress-nginx-helm
12
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix documentation table layout

Browse source
This commit is contained in:
Manuel Alejandro de Brito Fontes 2020-09-01 19:49:17 -04:00
parent 2d44f62e1b
commit fb92b3a6a5
3 changed files with 22 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
docs/deploy/hardening-guide.md
View file

@ -1,13 +1,14 @@
# Hardening Guide
## Overview
There are several ways to do hardening and securing of nginx. In this documentation two guides are used, the guides are
There are several ways to do hardening and securing of nginx. In this documentation two guides are used, the guides are
overlapping in some points:
- [nginx CIS Benchmark](https://www.cisecurity.org/benchmark/nginx/)
- [cipherlist.eu](https://cipherlist.eu/) (one of many forks of the now dead project cipherli.st)
This guide describes, what of the different configurations described in those guides is already implemented as default
This guide describes, what of the different configurations described in those guides is already implemented as default
in the nginx implementation of kubernetes ingress, what needs to be configured, what is obsolete due to the fact that
the nginx is running as container (the CIS benchmark relates to a non-containerized installation) and what is difficult
or not possible.
@ -18,6 +19,7 @@ lead to have specific clients unable to reach your site or similar consequences.
This guide refers to chapters in the CIS Benchmark. For full explanation you should refer to the benchmark document itself
## Configuration Guide
| Chapter in CIS benchmark | Status | Default | Action to do if not default|
|:-------------------------|:-------|:--------|:---------------------------|
| __1 Initial Setup__ ||| |
@ -109,4 +111,16 @@ This guide refers to chapters in the CIS Benchmark. For full explanation you sho
| 5.3.4 Ensure that Content Security Policy (CSP) is enabled and configured properly (Not Scored) | ACTION NEEDED| See previous answer| See previous answer |
| 5.3.5 Ensure the Referrer Policy is enabled and configured properly (Not Scored)| ACTION NEEDED | Depends on application. It should be handled in the applications webserver itself, not in the load balancing ingress | check backend webserver |
| ||| |
| __6 Mandatory Access Control__| n/a| too high level, depends on backends | |
| __6 Mandatory Access Control__| n/a| too high level, depends on backends | |
<style type="text/css" rel="stylesheet">
@media only screen and (min-width: 768px) {
td:nth-child(1){
white-space:normal !important;
}
.md-typeset table:not([class]) td {
padding: .2rem .3rem;
}
}
</style>

7
docs/extra.css
View file

@ -1,10 +1,9 @@
.md-typeset__table {
min-width: 100%;
min-width: 100%;
}
@media only screen and (min-width: 768px)
{
td:nth-child(1){
@media only screen and (min-width: 768px) {
td:nth-child(1) {
white-space: nowrap;
}
}

2
mkdocs.yml
View file

@ -4,6 +4,8 @@ repo_url: https://github.com/kubernetes/ingress-nginx
site_url: https://kubernetes.github.io/ingress-nginx
markdown_extensions:
- attr_list
- pymdownx.emoji
- admonition
- codehilite
- pymdownx.inlinehilite