homelab/nuclei-operator
1
0
Fork 0
mirror of https://github.com/morten-olsen/homelab-nuclei-operator.git synced 2026-02-08 02:16:23 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
5c3f7f3869e36e348c447e20fd3c26e59fd5315e
nuclei-operator/config/samples/nuclei_v1alpha1_nucleiscan.yaml
Morten Olsen 277fc459d5 init
2025-12-12 11:10:01 +01:00

95 lines
2.3 KiB
YAML
Raw Blame History

# Example NucleiScan resource
# This demonstrates a complete NucleiScan configuration
apiVersion: nuclei.homelab.mortenolsen.pro/v1alpha1
kind: NucleiScan
metadata:
labels:
app.kubernetes.io/name: nuclei-operator
app.kubernetes.io/managed-by: kustomize
name: nucleiscan-sample
namespace: default
spec:
# Reference to the source resource that triggered this scan
# This is typically set automatically by the Ingress/VirtualService controllers
sourceRef:
apiVersion: networking.k8s.io/v1
kind: Ingress
name: example-ingress
namespace: default
uid: "placeholder-uid"
# Target URLs to scan
# These are extracted from the source Ingress/VirtualService
targets:
- https://example.com
- https://example.com/api
- https://example.com/admin
# Severity levels to include in the scan
# Options: info, low, medium, high, critical
severity:
- medium
- high
- critical
# Optional: Specific Nuclei templates to use
# If not specified, all templates matching the severity will be used
templates:
- cves/
- vulnerabilities/
- exposures/
# Optional: Schedule for periodic rescanning (cron format)
# Examples:
# "0 2 * * *" - Daily at 2 AM
# "0 */6 * * *" - Every 6 hours
# "@every 24h" - Every 24 hours (simplified format)
schedule: "@every 24h"
# Optional: Suspend scheduled scans
# Set to true to pause scheduled scans without deleting the resource
suspend: false
---
# Example NucleiScan for a specific security audit
apiVersion: nuclei.homelab.mortenolsen.pro/v1alpha1
kind: NucleiScan
metadata:
labels:
app.kubernetes.io/name: nuclei-operator
app.kubernetes.io/managed-by: kustomize
security-audit: "true"
name: security-audit-scan
namespace: default
spec:
sourceRef:
apiVersion: networking.k8s.io/v1
kind: Ingress
name: production-ingress
namespace: production
uid: "audit-placeholder-uid"
targets:
- https://api.example.com
- https://www.example.com
# Full severity scan for security audit
severity:
- info
- low
- medium
- high
- critical
# Comprehensive template coverage
templates:
- cves/
- vulnerabilities/
- exposures/
- misconfiguration/
- default-logins/
# Weekly security audit
schedule: "0 3 * * 0"
suspend: false
Reference in New Issue View Git Blame Copy Permalink