Feat/release 1.0.0 (#63)

* Feat: update Kubernetes manifests for Krawl deployment and improve resource labels

* Feat: update version to 1.0.0 in Helm chart and related files; add timezone to README

* Feat: enhance configuration options for handling malicious IPs and update dashboard secret path

* Fix: standardize boolean value handling in environment configuration

.gitignore

@@ -80,3 +80,4 @@ personal-values.yaml
 
 #exports dir (keeping .gitkeep so we have the dir)
 /exports/*
+/src/exports/*

README.md

@@ -109,6 +109,7 @@ services:
       - "5000:5000"
     environment:
       - CONFIG_LOCATION=config.yaml
+      - TZ="Europe/Rome"
     volumes:
       - ./config.yaml:/app/config.yaml:ro
       - krawl-data:/app/data
@@ -201,9 +202,6 @@ Krawl uses a **configuration hierarchy** in which **environment variables take p
 | `KRAWL_CANARY_TOKEN_URL` | External canary token URL | None |
 | `KRAWL_CANARY_TOKEN_TRIES` | Requests before showing canary token | `10` |
 | `KRAWL_DASHBOARD_SECRET_PATH` | Custom dashboard path | Auto-generated |
-| `KRAWL_API_SERVER_URL` | API server URL | None |
-| `KRAWL_API_SERVER_PORT` | API server port | `8080` |
-| `KRAWL_API_SERVER_PATH` | API server endpoint path | `/api/v2/users` |
 | `KRAWL_PROBABILITY_ERROR_CODES` | Error response probability (0-100%) | `0` |
 | `KRAWL_DATABASE_PATH` | Database file location | `data/krawl.db` |
 | `KRAWL_DATABASE_RETENTION_DAYS` | Days to retain data in database | `30` |
@@ -213,6 +211,9 @@ Krawl uses a **configuration hierarchy** in which **environment variables take p
 | `KRAWL_UNEVEN_REQUEST_TIMING_TIME_WINDOW_SECONDS` | Time window for request timing analysis in seconds | `300` |
 | `KRAWL_USER_AGENTS_USED_THRESHOLD` | Threshold for detecting multiple user agents | `2` |
 | `KRAWL_ATTACK_URLS_THRESHOLD` | Threshold for attack URL detection | `1` |
+| `KRAWL_INFINITE_PAGES_FOR_MALICIOUS` | Serve infinite pages to malicious IPs | `true` |
+| `KRAWL_MAX_PAGES_LIMIT` | Maximum page limit for crawlers | `250` |
+| `KRAWL_BAN_DURATION_SECONDS` | Ban duration in seconds for rate-limited IPs | `600` |
 
 For example
 

config.yaml

@@ -23,7 +23,7 @@ dashboard:
   # if set to "null" this will Auto-generates random path if not set
   # can be set to "/dashboard" or similar <-- note this MUST include a forward slash
   # secret_path: super-secret-dashboard-path
-  secret_path: null
+  secret_path: test
 
 database:
   path: "data/krawl.db"

helm/Chart.yaml

@@ -2,8 +2,8 @@ apiVersion: v2
 name: krawl-chart
 description: A Helm chart for Krawl honeypot server
 type: application
-version: 0.2.2
+version: 1.0.0
-appVersion: 0.2.2
+appVersion: 1.0.0
 keywords:
   - honeypot
   - security
@@ -13,4 +13,4 @@ maintainers:
 home: https://github.com/blessedrebus/krawl
 sources:
   - https://github.com/blessedrebus/krawl
-icon: https://raw.githubusercontent.com/blessedrebus/krawl/main/docs/images/krawl-logo.png
+icon: https://raw.githubusercontent.com/blessedrebus/krawl/main/img/krawl-svg.svg

helm/README.md

@@ -17,7 +17,7 @@ Install with default values:
 
 ```bash
 helm install krawl oci://ghcr.io/blessedrebus/krawl-chart \
-  --version 0.2.2 \
+  --version 1.0.0 \
   --namespace krawl-system \
   --create-namespace
 ```
@@ -29,6 +29,8 @@ service:
   type: LoadBalancer
   port: 5000
 
+timezone: "Europe/Rome"
+
 ingress:
   enabled: true
   className: "traefik"

helm/templates/configmap.yaml

@@ -10,7 +10,6 @@ data:
     server:
       port: {{ .Values.config.server.port }}
       delay: {{ .Values.config.server.delay }}
-      timezone: {{ .Values.config.server.timezone | toYaml }}
     links:
       min_length: {{ .Values.config.links.min_length }}
       max_length: {{ .Values.config.links.max_length }}
@@ -23,10 +22,6 @@ data:
       token_tries: {{ .Values.config.canary.token_tries }}
     dashboard:
       secret_path: {{ .Values.config.dashboard.secret_path | toYaml }}
-    api:
-      server_url: {{ .Values.config.api.server_url | toYaml }}
-      server_port: {{ .Values.config.api.server_port }}
-      server_path: {{ .Values.config.api.server_path | quote }}
     database:
       path: {{ .Values.config.database.path | quote }}
       retention_days: {{ .Values.config.database.retention_days }}

helm/values.yaml

@@ -3,7 +3,7 @@ replicaCount: 1
 image:
   repository: ghcr.io/blessedrebus/krawl
   pullPolicy: Always
-  tag: "0.2.1"
+  tag: "1.0.0"
 
 imagePullSecrets: []
 nameOverride: "krawl"
@@ -84,10 +84,6 @@ config:
     token_tries: 10
   dashboard:
     secret_path: null  # Auto-generated if not set, or set to "/my-secret-dashboard"
-  api:
-    server_url: null
-    server_port: 8080
-    server_path: "/api/v2/users"
   database:
     path: "data/krawl.db"
     retention_days: 30

kubernetes/krawl-all-in-one-deploy.yaml

@@ -4,18 +4,58 @@ kind: Namespace
 metadata:
   name: krawl-system
 ---
+# Source: krawl-chart/templates/network-policy.yaml
+apiVersion: networking.k8s.io/v1
+kind: NetworkPolicy
+metadata:
+  name: krawl
+  namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
+spec:
+  podSelector:
+    matchLabels:
+      app.kubernetes.io/name: krawl
+      app.kubernetes.io/instance: krawl
+  policyTypes:
+    - Ingress
+    - Egress
+  ingress:
+    - from:
+      - podSelector: {}
+      - namespaceSelector: {}
+      - ipBlock:
+          cidr: 0.0.0.0/0
+      ports:
+      - port: 5000
+        protocol: TCP
+  egress:
+    - ports:
+      - protocol: TCP
+      - protocol: UDP
+      to:
+      - namespaceSelector: {}
+      - ipBlock:
+          cidr: 0.0.0.0/0
+---
+# Source: krawl-chart/templates/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: krawl-config
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 data:
   config.yaml: |
     # Krawl Honeypot Configuration
     server:
       port: 5000
       delay: 100
-      timezone: null
     links:
       min_length: 5
       max_length: 15
@@ -28,10 +68,6 @@ data:
       token_tries: 10
     dashboard:
       secret_path: null
-    api:
-      server_url: null
-      server_port: 8080
-      server_path: "/api/v2/users"
     database:
       path: "data/krawl.db"
       retention_days: 30
@@ -49,231 +85,30 @@ data:
       max_pages_limit: 250
       ban_duration_seconds: 600
 ---
+# Source: krawl-chart/templates/wordlists-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: krawl-wordlists
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 data:
   wordlists.json: |
-    {
+    {"api_keys":{"prefixes":["sk_live_","sk_test_","api_","key_","token_","access_","secret_","prod_",""]},"applications":{"names":["WebApp","API Gateway","Dashboard","Admin Panel","CMS","Portal","Manager","Console","Control Panel","Backend"]},"databases":{"hosts":["localhost","db.internal","mysql.local","postgres.internal","127.0.0.1","db-server-01","database.prod","sql.company.com"],"names":["production","prod_db","main_db","app_database","users_db","customer_data","analytics","staging_db","dev_database","wordpress","ecommerce","crm_db","inventory"]},"directory_listing":{"directories":["uploads/","backups/","logs/","temp/","cache/","private/","config/","admin/","database/","backup/","old/","archive/",".git/","keys/","credentials/"],"files":["admin.txt","test.exe","backup.sql","database.sql","db_backup.sql","dump.sql","config.php","credentials.txt","passwords.txt","users.csv",".env","id_rsa","id_rsa.pub","private_key.pem","api_keys.json","secrets.yaml","admin_notes.txt","settings.ini","database.yml","wp-config.php",".htaccess","server.key","cert.pem","shadow.bak","passwd.old"]},"emails":{"domains":["example.com","company.com","localhost.com","test.com","domain.com","corporate.com","internal.net","enterprise.com","business.org"]},"error_codes":[400,401,403,404,500,502,503],"passwords":{"prefixes":["P@ssw0rd","Passw0rd","Admin","Secret","Welcome","System","Database","Secure","Master","Root"],"simple":["test","demo","temp","change","password","admin","letmein","welcome","default","sample"]},"server_headers":["Apache/2.2.22 (Ubuntu)","nginx/1.18.0","Microsoft-IIS/10.0","LiteSpeed","Caddy","Gunicorn/20.0.4","uvicorn/0.13.4","Express","Flask/1.1.2","Django/3.1"],"usernames":{"prefixes":["admin","user","developer","root","system","db","api","service","deploy","test","prod","backup","monitor","jenkins","webapp"],"suffixes":["","_prod","_dev","_test","123","2024","_backup","_admin","01","02","_user","_service","_api"]},"users":{"roles":["Administrator","Developer","Manager","User","Guest","Moderator","Editor","Viewer","Analyst","Support"]}}
-      "usernames": {
-        "prefixes": [
-          "admin",
-          "user",
-          "developer",
-          "root",
-          "system",
-          "db",
-          "api",
-          "service",
-          "deploy",
-          "test",
-          "prod",
-          "backup",
-          "monitor",
-          "jenkins",
-          "webapp"
-        ],
-        "suffixes": [
-          "",
-          "_prod",
-          "_dev",
-          "_test",
-          "123",
-          "2024",
-          "_backup",
-          "_admin",
-          "01",
-          "02",
-          "_user",
-          "_service",
-          "_api"
-        ]
-      },
-      "passwords": {
-        "prefixes": [
-          "P@ssw0rd",
-          "Passw0rd",
-          "Admin",
-          "Secret",
-          "Welcome",
-          "System",
-          "Database",
-          "Secure",
-          "Master",
-          "Root"
-        ],
-        "simple": [
-          "test",
-          "demo",
-          "temp",
-          "change",
-          "password",
-          "admin",
-          "letmein",
-          "welcome",
-          "default",
-          "sample"
-        ]
-      },
-      "emails": {
-        "domains": [
-          "example.com",
-          "company.com",
-          "localhost.com",
-          "test.com",
-          "domain.com",
-          "corporate.com",
-          "internal.net",
-          "enterprise.com",
-          "business.org"
-        ]
-      },
-      "api_keys": {
-        "prefixes": [
-          "sk_live_",
-          "sk_test_",
-          "api_",
-          "key_",
-          "token_",
-          "access_",
-          "secret_",
-          "prod_",
-          ""
-        ]
-      },
-      "databases": {
-        "names": [
-          "production",
-          "prod_db",
-          "main_db",
-          "app_database",
-          "users_db",
-          "customer_data",
-          "analytics",
-          "staging_db",
-          "dev_database",
-          "wordpress",
-          "ecommerce",
-          "crm_db",
-          "inventory"
-        ],
-        "hosts": [
-          "localhost",
-          "db.internal",
-          "mysql.local",
-          "postgres.internal",
-          "127.0.0.1",
-          "db-server-01",
-          "database.prod",
-          "sql.company.com"
-        ]
-      },
-      "applications": {
-        "names": [
-          "WebApp",
-          "API Gateway",
-          "Dashboard",
-          "Admin Panel",
-          "CMS",
-          "Portal",
-          "Manager",
-          "Console",
-          "Control Panel",
-          "Backend"
-        ]
-      },
-      "users": {
-        "roles": [
-          "Administrator",
-          "Developer",
-          "Manager",
-          "User",
-          "Guest",
-          "Moderator",
-          "Editor",
-          "Viewer",
-          "Analyst",
-          "Support"
-        ]
-      },
-      "directory_listing": {
-        "files": [
-          "admin.txt",
-          "test.exe",
-          "backup.sql",
-          "database.sql",
-          "db_backup.sql",
-          "dump.sql",
-          "config.php",
-          "credentials.txt",
-          "passwords.txt",
-          "users.csv",
-          ".env",
-          "id_rsa",
-          "id_rsa.pub",
-          "private_key.pem",
-          "api_keys.json",
-          "secrets.yaml",
-          "admin_notes.txt",
-          "settings.ini",
-          "database.yml",
-          "wp-config.php",
-          ".htaccess",
-          "server.key",
-          "cert.pem",
-          "shadow.bak",
-          "passwd.old"
-        ],
-        "directories": [
-          "uploads/",
-          "backups/",
-          "logs/",
-          "temp/",
-          "cache/",
-          "private/",
-          "config/",
-          "admin/",
-          "database/",
-          "backup/",
-          "old/",
-          "archive/",
-          ".git/",
-          "keys/",
-          "credentials/"
-        ]
-      },
-      "error_codes": [
-        400,
-        401,
-        403,
-        404,
-        500,
-        502,
-        503
-      ],
-      "server_headers": [
-        "Apache/2.2.22 (Ubuntu)",
-        "nginx/1.18.0",
-        "Microsoft-IIS/10.0",
-        "LiteSpeed",
-        "Caddy",
-        "Gunicorn/20.0.4",
-        "uvicorn/0.13.4",
-        "Express",
-        "Flask/1.1.2",
-        "Django/3.1"
-      ]
-    }
 ---
+# Source: krawl-chart/templates/pvc.yaml
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: krawl-db
   namespace: krawl-system
   labels:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   accessModes:
     - ReadWriteOnce
@@ -281,30 +116,61 @@ spec:
     requests:
       storage: 1Gi
 ---
+# Source: krawl-chart/templates/service.yaml
+apiVersion: v1
+kind: Service
+metadata:
+  name: krawl
+  namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
+spec:
+  type: LoadBalancer
+  externalTrafficPolicy: Local
+  sessionAffinity: ClientIP
+  sessionAffinityConfig:
+    clientIP:
+      timeoutSeconds: 10800
+  ports:
+  - port: 5000
+    targetPort: http
+    protocol: TCP
+    name: http
+  selector:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+---
+# Source: krawl-chart/templates/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: krawl-server
+  name: krawl
   namespace: krawl-system
   labels:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: krawl-server
+      app.kubernetes.io/name: krawl
+      app.kubernetes.io/instance: krawl
   template:
     metadata:
       labels:
-        app: krawl-server
+        app.kubernetes.io/name: krawl
+        app.kubernetes.io/instance: krawl
     spec:
       containers:
-      - name: krawl
+      - name: krawl-chart
-        image: ghcr.io/blessedrebus/krawl:latest
+        image: "ghcr.io/blessedrebus/krawl:1.0.0"
         imagePullPolicy: Always
         ports:
-        - containerPort: 5000
+        - name: http
-          name: http
+          containerPort: 5000
           protocol: TCP
         env:
         - name: CONFIG_LOCATION
@@ -321,12 +187,12 @@ spec:
         - name: database
           mountPath: /app/data
         resources:
-          requests:
+            limits:
-            memory: "64Mi"
+              cpu: 500m
-            cpu: "100m"
+              memory: 256Mi
-          limits:
+            requests:
-            memory: "256Mi"
+              cpu: 100m
-            cpu: "500m"
+              memory: 64Mi
       volumes:
       - name: config
         configMap:
@@ -338,104 +204,26 @@ spec:
         persistentVolumeClaim:
           claimName: krawl-db
 ---
-apiVersion: v1
+# Source: krawl-chart/templates/ingress.yaml
-kind: Service
-metadata:
-  name: krawl-server
-  namespace: krawl-system
-  labels:
-    app: krawl-server
-spec:
-  type: LoadBalancer
-  externalTrafficPolicy: Local
-  sessionAffinity: ClientIP
-  sessionAffinityConfig:
-    clientIP:
-      timeoutSeconds: 10800
-  ports:
-  - port: 5000
-    targetPort: 5000
-    protocol: TCP
-    name: http
-  selector:
-    app: krawl-server
----
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: krawl-ingress
+  name: krawl
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   ingressClassName: traefik
   rules:
-  - host: krawl.example.com  # Change to your domain
+    - host: "krawl.example.com"
-    http:
+      http:
-      paths:
+        paths:
-      - path: /
+          - path: /
-        pathType: Prefix
+            pathType: Prefix
-        backend:
+            backend:
-          service:
+              service:
-            name: krawl-server
+                name: krawl
-            port:
+                port:
-              number: 5000
+                  number: 5000
-  # tls:
-  # - hosts:
-  #   - krawl.example.com
-  #   secretName: krawl-tls
----
-apiVersion: networking.k8s.io/v1
-kind: NetworkPolicy
-metadata:
-  name: krawl-network-policy
-  namespace: krawl-system
-spec:
-  podSelector:
-    matchLabels:
-      app: krawl-server
-  policyTypes:
-  - Ingress
-  - Egress
-  ingress:
-  - from:
-    - podSelector: {}
-    - namespaceSelector: {}
-    - ipBlock:
-        cidr: 0.0.0.0/0
-    ports:
-    - protocol: TCP
-      port: 5000
-  egress:
-  - to:
-    - namespaceSelector: {}
-    - ipBlock:
-        cidr: 0.0.0.0/0
-    ports:
-    - protocol: TCP
-    - protocol: UDP
----
-# Optional: HorizontalPodAutoscaler for auto-scaling
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  name: krawl-hpa
-  namespace: krawl-system
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: krawl-server
-  minReplicas: 1
-  maxReplicas: 5
-  metrics:
-  - type: Resource
-    resource:
-      name: cpu
-      target:
-        type: Utilization
-        averageUtilization: 70
-  - type: Resource
-    resource:
-      name: memory
-      target:
-        type: Utilization
-        averageUtilization: 80

kubernetes/manifests/configmap.yaml

@@ -1,15 +1,19 @@
+# Source: krawl-chart/templates/configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: krawl-config
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 data:
   config.yaml: |
     # Krawl Honeypot Configuration
     server:
       port: 5000
       delay: 100
-      timezone: null
     links:
       min_length: 5
       max_length: 15
@@ -22,10 +26,6 @@ data:
       token_tries: 10
     dashboard:
       secret_path: null
-    api:
-      server_url: null
-      server_port: 8080
-      server_path: "/api/v2/users"
     database:
       path: "data/krawl.db"
       retention_days: 30

kubernetes/manifests/deployment.yaml

@@ -1,27 +1,32 @@
+# Source: krawl-chart/templates/deployment.yaml
 apiVersion: apps/v1
 kind: Deployment
 metadata:
-  name: krawl-server
+  name: krawl
   namespace: krawl-system
   labels:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   replicas: 1
   selector:
     matchLabels:
-      app: krawl-server
+      app.kubernetes.io/name: krawl
+      app.kubernetes.io/instance: krawl
   template:
     metadata:
       labels:
-        app: krawl-server
+        app.kubernetes.io/name: krawl
+        app.kubernetes.io/instance: krawl
     spec:
       containers:
-      - name: krawl
+      - name: krawl-chart
-        image: ghcr.io/blessedrebus/krawl:latest
+        image: "ghcr.io/blessedrebus/krawl:1.0.0"
         imagePullPolicy: Always
         ports:
-        - containerPort: 5000
+        - name: http
-          name: http
+          containerPort: 5000
           protocol: TCP
         env:
         - name: CONFIG_LOCATION
@@ -38,12 +43,12 @@ spec:
         - name: database
           mountPath: /app/data
         resources:
-          requests:
+            limits:
-            memory: "64Mi"
+              cpu: 500m
-            cpu: "100m"
+              memory: 256Mi
-          limits:
+            requests:
-            memory: "256Mi"
+              cpu: 100m
-            cpu: "500m"
+              memory: 64Mi
       volumes:
       - name: config
         configMap:

kubernetes/manifests/hpa.yaml

@@ -1,26 +0,0 @@
-# Optional: HorizontalPodAutoscaler for auto-scaling
-apiVersion: autoscaling/v2
-kind: HorizontalPodAutoscaler
-metadata:
-  name: krawl-hpa
-  namespace: krawl-system
-spec:
-  scaleTargetRef:
-    apiVersion: apps/v1
-    kind: Deployment
-    name: krawl-server
-  minReplicas: 1
-  maxReplicas: 5
-  metrics:
-  - type: Resource
-    resource:
-      name: cpu
-      target:
-        type: Utilization
-        averageUtilization: 70
-  - type: Resource
-    resource:
-      name: memory
-      target:
-        type: Utilization
-        averageUtilization: 80

kubernetes/manifests/ingress.yaml

@@ -1,22 +1,23 @@
+# Source: krawl-chart/templates/ingress.yaml
 apiVersion: networking.k8s.io/v1
 kind: Ingress
 metadata:
-  name: krawl-ingress
+  name: krawl
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   ingressClassName: traefik
   rules:
-  - host: krawl.example.com  # Change to your domain
+    - host: "krawl.example.com"
-    http:
+      http:
-      paths:
+        paths:
-      - path: /
+          - path: /
-        pathType: Prefix
+            pathType: Prefix
-        backend:
+            backend:
-          service:
+              service:
-            name: krawl-server
+                name: krawl
-            port:
+                port:
-              number: 5000
+                  number: 5000
-  # tls:
-  # - hosts:
-  #   - krawl.example.com
-  #   secretName: krawl-tls

kubernetes/manifests/network-policy.yaml

@@ -1,29 +1,35 @@
+# Source: krawl-chart/templates/network-policy.yaml
 apiVersion: networking.k8s.io/v1
 kind: NetworkPolicy
 metadata:
-  name: krawl-network-policy
+  name: krawl
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   podSelector:
     matchLabels:
-      app: krawl-server
+      app.kubernetes.io/name: krawl
+      app.kubernetes.io/instance: krawl
   policyTypes:
-  - Ingress
+    - Ingress
-  - Egress
+    - Egress
   ingress:
-  - from:
+    - from:
-    - podSelector: {}
+      - podSelector: {}
-    - namespaceSelector: {}
+      - namespaceSelector: {}
-    - ipBlock:
+      - ipBlock:
-        cidr: 0.0.0.0/0 
+          cidr: 0.0.0.0/0
-    ports:
+      ports:
-    - protocol: TCP
+      - port: 5000
-      port: 5000
+        protocol: TCP
   egress:
-  - to:
+    - ports:
-    - namespaceSelector: {}
+      - protocol: TCP
-    - ipBlock:
+      - protocol: UDP
-        cidr: 0.0.0.0/0
+      to:
-    ports:
+      - namespaceSelector: {}
-    - protocol: TCP
+      - ipBlock:
-    - protocol: UDP
+          cidr: 0.0.0.0/0

kubernetes/manifests/pvc.yaml

@@ -1,10 +1,13 @@
+# Source: krawl-chart/templates/pvc.yaml
 apiVersion: v1
 kind: PersistentVolumeClaim
 metadata:
   name: krawl-db
   namespace: krawl-system
   labels:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   accessModes:
     - ReadWriteOnce

kubernetes/manifests/service.yaml

@@ -1,10 +1,13 @@
+# Source: krawl-chart/templates/service.yaml
 apiVersion: v1
 kind: Service
 metadata:
-  name: krawl-server
+  name: krawl
   namespace: krawl-system
   labels:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 spec:
   type: LoadBalancer
   externalTrafficPolicy: Local
@@ -14,8 +17,9 @@ spec:
       timeoutSeconds: 10800
   ports:
   - port: 5000
-    targetPort: 5000
+    targetPort: http
     protocol: TCP
     name: http
   selector:
-    app: krawl-server
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl

kubernetes/manifests/wordlists-configmap.yaml

@@ -1,217 +1,13 @@
+# Source: krawl-chart/templates/wordlists-configmap.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
   name: krawl-wordlists
   namespace: krawl-system
+  labels:
+    app.kubernetes.io/name: krawl
+    app.kubernetes.io/instance: krawl
+    app.kubernetes.io/version: "1.0.0"
 data:
   wordlists.json: |
-    {
+    {"api_keys":{"prefixes":["sk_live_","sk_test_","api_","key_","token_","access_","secret_","prod_",""]},"applications":{"names":["WebApp","API Gateway","Dashboard","Admin Panel","CMS","Portal","Manager","Console","Control Panel","Backend"]},"databases":{"hosts":["localhost","db.internal","mysql.local","postgres.internal","127.0.0.1","db-server-01","database.prod","sql.company.com"],"names":["production","prod_db","main_db","app_database","users_db","customer_data","analytics","staging_db","dev_database","wordpress","ecommerce","crm_db","inventory"]},"directory_listing":{"directories":["uploads/","backups/","logs/","temp/","cache/","private/","config/","admin/","database/","backup/","old/","archive/",".git/","keys/","credentials/"],"files":["admin.txt","test.exe","backup.sql","database.sql","db_backup.sql","dump.sql","config.php","credentials.txt","passwords.txt","users.csv",".env","id_rsa","id_rsa.pub","private_key.pem","api_keys.json","secrets.yaml","admin_notes.txt","settings.ini","database.yml","wp-config.php",".htaccess","server.key","cert.pem","shadow.bak","passwd.old"]},"emails":{"domains":["example.com","company.com","localhost.com","test.com","domain.com","corporate.com","internal.net","enterprise.com","business.org"]},"error_codes":[400,401,403,404,500,502,503],"passwords":{"prefixes":["P@ssw0rd","Passw0rd","Admin","Secret","Welcome","System","Database","Secure","Master","Root"],"simple":["test","demo","temp","change","password","admin","letmein","welcome","default","sample"]},"server_headers":["Apache/2.2.22 (Ubuntu)","nginx/1.18.0","Microsoft-IIS/10.0","LiteSpeed","Caddy","Gunicorn/20.0.4","uvicorn/0.13.4","Express","Flask/1.1.2","Django/3.1"],"usernames":{"prefixes":["admin","user","developer","root","system","db","api","service","deploy","test","prod","backup","monitor","jenkins","webapp"],"suffixes":["","_prod","_dev","_test","123","2024","_backup","_admin","01","02","_user","_service","_api"]},"users":{"roles":["Administrator","Developer","Manager","User","Guest","Moderator","Editor","Viewer","Analyst","Support"]}}
-      "usernames": {
-        "prefixes": [
-          "admin",
-          "user",
-          "developer",
-          "root",
-          "system",
-          "db",
-          "api",
-          "service",
-          "deploy",
-          "test",
-          "prod",
-          "backup",
-          "monitor",
-          "jenkins",
-          "webapp"
-        ],
-        "suffixes": [
-          "",
-          "_prod",
-          "_dev",
-          "_test",
-          "123",
-          "2024",
-          "_backup",
-          "_admin",
-          "01",
-          "02",
-          "_user",
-          "_service",
-          "_api"
-        ]
-      },
-      "passwords": {
-        "prefixes": [
-          "P@ssw0rd",
-          "Passw0rd",
-          "Admin",
-          "Secret",
-          "Welcome",
-          "System",
-          "Database",
-          "Secure",
-          "Master",
-          "Root"
-        ],
-        "simple": [
-          "test",
-          "demo",
-          "temp",
-          "change",
-          "password",
-          "admin",
-          "letmein",
-          "welcome",
-          "default",
-          "sample"
-        ]
-      },
-      "emails": {
-        "domains": [
-          "example.com",
-          "company.com",
-          "localhost.com",
-          "test.com",
-          "domain.com",
-          "corporate.com",
-          "internal.net",
-          "enterprise.com",
-          "business.org"
-        ]
-      },
-      "api_keys": {
-        "prefixes": [
-          "sk_live_",
-          "sk_test_",
-          "api_",
-          "key_",
-          "token_",
-          "access_",
-          "secret_",
-          "prod_",
-          ""
-        ]
-      },
-      "databases": {
-        "names": [
-          "production",
-          "prod_db",
-          "main_db",
-          "app_database",
-          "users_db",
-          "customer_data",
-          "analytics",
-          "staging_db",
-          "dev_database",
-          "wordpress",
-          "ecommerce",
-          "crm_db",
-          "inventory"
-        ],
-        "hosts": [
-          "localhost",
-          "db.internal",
-          "mysql.local",
-          "postgres.internal",
-          "127.0.0.1",
-          "db-server-01",
-          "database.prod",
-          "sql.company.com"
-        ]
-      },
-      "applications": {
-        "names": [
-          "WebApp",
-          "API Gateway",
-          "Dashboard",
-          "Admin Panel",
-          "CMS",
-          "Portal",
-          "Manager",
-          "Console",
-          "Control Panel",
-          "Backend"
-        ]
-      },
-      "users": {
-        "roles": [
-          "Administrator",
-          "Developer",
-          "Manager",
-          "User",
-          "Guest",
-          "Moderator",
-          "Editor",
-          "Viewer",
-          "Analyst",
-          "Support"
-        ]
-      },
-      "directory_listing": {
-        "files": [
-          "admin.txt",
-          "test.exe",
-          "backup.sql",
-          "database.sql",
-          "db_backup.sql",
-          "dump.sql",
-          "config.php",
-          "credentials.txt",
-          "passwords.txt",
-          "users.csv",
-          ".env",
-          "id_rsa",
-          "id_rsa.pub",
-          "private_key.pem",
-          "api_keys.json",
-          "secrets.yaml",
-          "admin_notes.txt",
-          "settings.ini",
-          "database.yml",
-          "wp-config.php",
-          ".htaccess",
-          "server.key",
-          "cert.pem",
-          "shadow.bak",
-          "passwd.old"
-        ],
-        "directories": [
-          "uploads/",
-          "backups/",
-          "logs/",
-          "temp/",
-          "cache/",
-          "private/",
-          "config/",
-          "admin/",
-          "database/",
-          "backup/",
-          "old/",
-          "archive/",
-          ".git/",
-          "keys/",
-          "credentials/"
-        ]
-      },
-      "error_codes": [
-        400,
-        401,
-        403,
-        404,
-        500,
-        502,
-        503
-      ],
-      "server_headers": [
-        "Apache/2.2.22 (Ubuntu)",
-        "nginx/1.18.0",
-        "Microsoft-IIS/10.0",
-        "LiteSpeed",
-        "Caddy",
-        "Gunicorn/20.0.4",
-        "uvicorn/0.13.4",
-        "Express",
-        "Flask/1.1.2",
-        "Django/3.1"
-      ]
-    }

src/config.py

@@ -232,6 +232,9 @@ def override_config_from_env(config: Config = None):
                     setattr(config, field, int(env_value))
                 elif field_type == float:
                     setattr(config, field, float(env_value))
+                elif field_type == bool:
+                    # Handle boolean values (case-insensitive: true/false, yes/no, 1/0)
+                    setattr(config, field, env_value.lower() in ("true", "yes", "1"))
                 elif field_type == Tuple[int, int]:
                     parts = env_value.split(",")
                     if len(parts) == 2: