mirror of
https://github.com/getnora-io/nora.git
synced 2026-04-12 10:20:32 +00:00
39 lines
1.1 KiB
TOML
39 lines
1.1 KiB
TOML
# Gitleaks configuration
|
|
# https://github.com/gitleaks/gitleaks
|
|
|
|
title = "NORA gitleaks rules"
|
|
|
|
|
|
[[rules]]
|
|
id = "extended-filter"
|
|
description = "Extended content filter rules"
|
|
regex = '''(?i)(blocked-term|blocked-term|blocked-term|blocked-term|blocked-term|co-authored-by:\s*blocked-term)'''
|
|
tags = ["internal"]
|
|
[rules.allowlist]
|
|
paths = ['''\.gitleaks\.toml$''', '''\.gitignore$''']
|
|
|
|
[[rules]]
|
|
id = "internal-infrastructure"
|
|
description = "Internal infrastructure hostnames and IPs"
|
|
regex = '''(devitacademy\.lab|tail3bd72c|10\.25\.1\.\d+|10\.0\.\d+\.\d+|192\.168\.1\.\d+)'''
|
|
tags = ["internal"]
|
|
|
|
[[rules]]
|
|
id = "internal-proxmox"
|
|
description = "Proxmox VM IDs and internal service names"
|
|
regex = '''(proxmox|VM\s*ID.*\d{4,5}|nora-builder|jump\s*server)'''
|
|
tags = ["internal"]
|
|
|
|
[[rules]]
|
|
id = "internal-blocked-term-md"
|
|
description = "internal-config file references"
|
|
regex = '''internal-config'''
|
|
tags = ["internal"]
|
|
|
|
[allowlist]
|
|
description = "Allowlist for false positives"
|
|
paths = [
|
|
'''\.gitleaks\.toml$''',
|
|
'''\.gitignore$''',
|
|
]
|