{"id":29631399,"url":"https://github.com/megamansec/gaas","last_synced_at":"2025-07-21T11:37:54.894Z","repository":{"id":302180641,"uuid":"1011528768","full_name":"MegaManSec/gaas","owner":"MegaManSec","description":"gixy-as-a-service (gaas), a Dockerized HTTP endpoint to send nginx configurations to, for static analysis by gixy","archived":false,"fork":false,"pushed_at":"2025-07-01T01:15:48.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-07-01T02:20:43.504Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/MegaManSec.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-07-01T00:59:28.000Z","updated_at":"2025-07-01T01:15:51.000Z","dependencies_parsed_at":"2025-07-01T02:20:50.143Z","dependency_job_id":"c4ac7bc2-5bb0-483e-b477-cd5dca80442b","html_url":"https://github.com/MegaManSec/gaas","commit_stats":null,"previous_names":["megamansec/gaas"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/MegaManSec/gaas","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MegaManSec%2Fgaas","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MegaManSec%2Fgaas/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MegaManSec%2Fgaas/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MegaManSec%2Fgaas/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/MegaManSec","download_url":"https://codeload.github.com/MegaManSec/gaas/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/MegaManSec%2Fgaas/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":266292916,"owners_count":23906610,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-07-21T11:37:51.508Z","updated_at":"2025-07-21T11:37:54.884Z","avatar_url":"https://github.com/MegaManSec.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Gixy as a Service\n\nA Dockerized FastAPI microservice that runs [gixy] on an\nnginx configuration dump and returns security findings as JSON.\n\n## Prerequisites\n\n* Docker \u0026 Docker Compose installed\n* Port 8080 available\n\n## Included Files\n\n* `Dockerfile`        — builds the multi-service image\n* `build.sh`          — convenience script to build the image\n* `requirements.txt`  — Python dependencies for FastAPI\n* `supervisord.conf` — supervisord config for both gixy and recheck\n* `app.py`            — FastAPI application source\n\n## Building the Image\n\nUse the provided `build.sh` (or run Docker directly):\n\n```bash\n./build.sh\n# or\n\ndocker build --no-cache -t multi-service-app .\n```\n\n## Running the Service\n\n```bash\ndocker run -d --rm \\\n  -p 8080:8080 \\\n  --name multi-service-app \\\n  multi-service-app\n```\n\nThis starts two services under supervisord:\n\n* **gixy**      — the FastAPI app listening on port 8080\n* **recheck**   — the regex redos recheck HTTP API on port 3001\n\n## API Endpoints\n\n### `POST /scan/{scan_path}`\n\nScans an nginx config dump and returns gixy findings.\n\n* **Path Param** `scan_path`\n\n  * letters, digits, underscore, hyphen only\n\n* **Request**: multipart form field `file`\n\n  * content-type `text/plain` or `application/octet-stream`\n  * payload: the output of `nginx -T`\n\n* **Success (200 OK)**: JSON array of issues\n\n  ```json\n  [\n    {\n      \"path\": \"/tmp/tmpabcd1234/myconf.conf\",\n      \"rule\": \"ssl_certificate_nx_file\",\n      \"severity\": \"High\",\n      \"message\": \"SSL certificate file not found\",\n      ...\n    },\n    ...\n  ]\n  ```\n\n* **Error Responses** (all JSON `{ \"detail\": \"...\" }`):\n\n  * `400 Bad Request`\n\n    * invalid `scan_path`\n    * empty upload\n    * JSON parse error from gixy\n    * gixy exited non-zero\n  * `415 Unsupported Media Type`\n\n    * upload not plain-text or octet-stream\n  * `502 Bad Gateway`\n\n    * gixy binary missing or runtime error\n  * `504 Gateway Timeout`\n\n    * gixy scan timed out (15 minutes)\n\n#### Example\n\n```bash\ncurl -F \"file=@nginx.conf\" \\\n  http://localhost:8080/scan/my_config\n```\n\n### `GET /` (Help)\n\nReturns a plain-text usage guide wrapped to \\~80 columns.\n\n```bash\ncurl http://localhost:8080/\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmegamansec%2Fgaas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmegamansec%2Fgaas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmegamansec%2Fgaas/lists"}