mirror of
https://github.com/getnora-io/nora.git
synced 2026-04-12 18:30:32 +00:00
34 lines
836 B
TOML
34 lines
836 B
TOML
# Gitleaks configuration
|
|
# https://github.com/gitleaks/gitleaks
|
|
|
|
title = "NORA gitleaks rules"
|
|
|
|
# Internal infrastructure — private IPs and domains
|
|
[[rules]]
|
|
id = "private-network"
|
|
description = "Private network addresses and internal domains"
|
|
regex = '''(10\.25\.1\.\d+|10\.0\.\d+\.\d+)'''
|
|
tags = ["network"]
|
|
[rules.allowlist]
|
|
regexTarget = "match"
|
|
regexes = ['''10\.0\.0\.0''']
|
|
|
|
[[rules]]
|
|
id = "internal-domains"
|
|
description = "Internal domain names"
|
|
regex = '''[a-z0-9]+\.(lab|internal|local)\b'''
|
|
tags = ["network"]
|
|
|
|
[[rules]]
|
|
id = "tailscale-hostnames"
|
|
description = "Tailscale MagicDNS hostnames"
|
|
regex = '''[a-z0-9]+\.tail[a-z0-9]+\.ts\.net'''
|
|
tags = ["network"]
|
|
|
|
[allowlist]
|
|
description = "Allowlist for false positives"
|
|
paths = [
|
|
'''\.gitleaks\.toml$''',
|
|
'''\.gitignore$''',
|
|
]
|