first commit

2026-02-13 12:42:53 +01:00
commit bc1b4279de
21 changed files with 3835 additions and 0 deletions
--- a/env.example
+++ b/env.example
@@ -0,0 +1,142 @@
+# ============================================================
+# CVE MONITOR - CONFIGURATION FILE
+# ============================================================
+# Copy this file to .env and adjust values for your environment
+
+# ============================================================
+# APPLICATION SETTINGS
+# ============================================================
+APP_NAME=CVE Monitor
+APP_VERSION=1.0.0
+DEBUG=False
+HOST=0.0.0.0
+PORT=5000
+
+# ============================================================
+# DATABASE CONFIGURATION
+# ============================================================
+DATABASE_PATH=./cve_db/cve_cache.db
+DATABASE_WAL_MODE=True
+DATABASE_CACHE_SIZE=10000
+
+# ============================================================
+# LOGGING CONFIGURATION
+# ============================================================
+LOG_LEVEL=INFO
+LOG_FORMAT=%(asctime)s - %(name)s - %(levelname)s - %(message)s
+LOG_FILE=./logs/cve_monitor.log
+LOG_MAX_BYTES=10485760
+LOG_BACKUP_COUNT=5
+
+# ============================================================
+# AUTO-UPDATE CONFIGURATION
+# ============================================================
+ENABLE_AUTO_UPDATE=True
+UPDATE_INTERVAL_HOURS=1
+INITIAL_LOOKBACK_DAYS=365
+CACHE_HOURS=24
+
+# ============================================================
+# EXTERNAL API KEYS (Optional but Recommended)
+# ============================================================
+# NVD API Key - Get yours at: https://nvd.nist.gov/developers/request-an-api-key
+# Without API key: 5 requests per 30 seconds
+# With API key: 50 requests per 30 seconds
+NVD_API_KEY=
+
+# GitHub Personal Access Token - Get yours at: https://github.com/settings/tokens
+# Increases rate limit from 60 to 5000 requests per hour
+GITHUB_TOKEN=
+
+# ============================================================
+# API ENDPOINTS (Advanced - Don't change unless necessary)
+# ============================================================
+NVD_API_URL=https://services.nvd.nist.gov/rest/json/cves/2.0
+GITHUB_API_URL=https://api.github.com/advisories
+NVD_TIMEOUT=30
+GITHUB_TIMEOUT=15
+
+# ============================================================
+# GUNICORN CONFIGURATION (Production)
+# ============================================================
+WORKERS=4
+WORKER_TIMEOUT=120
+
+# ============================================================
+# SECURITY SETTINGS
+# ============================================================
+ENABLE_SECURITY_HEADERS=True
+ENABLE_RATE_LIMITING=True
+ENABLE_COMPRESSION=True
+ENABLE_ETAG=True
+
+# Content Security Policy
+CSP_DEFAULT_SRC='self'
+CSP_SCRIPT_SRC='self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com
+CSP_STYLE_SRC='self' 'unsafe-inline' cdn.jsdelivr.net cdnjs.cloudflare.com
+CSP_FONT_SRC='self' cdnjs.cloudflare.com
+CSP_IMG_SRC='self' data:
+CSP_CONNECT_SRC='self' cdn.jsdelivr.net
+
+# X-Frame-Options: DENY, SAMEORIGIN, or ALLOW-FROM uri
+X_FRAME_OPTIONS=DENY
+
+# HSTS max age in seconds (1 year = 31536000)
+HSTS_MAX_AGE=31536000
+
+# ============================================================
+# FEATURE FLAGS
+# ============================================================
+ENABLE_CHARTS=True
+ENABLE_SEARCH=True
+ENABLE_EXPORT=True
+ENABLE_DARK_MODE=True
+
+# ============================================================
+# UI CONFIGURATION
+# ============================================================
+ITEMS_PER_PAGE=50
+MAX_ITEMS_PER_PAGE=200
+
+# ============================================================
+# EXPORT SETTINGS
+# ============================================================
+EXPORT_FORMATS=json,csv
+EXPORT_MAX_ITEMS=1000
+
+# ============================================================
+# CDN URLS (for offline use, download and host locally)
+# ============================================================
+BOOTSTRAP_CSS_CDN=https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/css/bootstrap.min.css
+BOOTSTRAP_JS_CDN=https://cdn.jsdelivr.net/npm/bootstrap@5.3.2/dist/js/bootstrap.bundle.min.js
+FONTAWESOME_CDN=https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.5.1/css/all.min.css
+CHARTJS_CDN=https://cdn.jsdelivr.net/npm/chart.js@4.4.1/dist/chart.umd.min.js
+
+# ============================================================
+# DISCORD BOT CONFIGURATION
+# ============================================================
+ENABLE_DISCORD_BOT=False
+DISCORD_BOT_TOKEN=
+DISCORD_CHANNEL_ID=
+DISCORD_CHECK_INTERVAL_MINUTES=60
+DISCORD_NOTIFY_CRITICAL=True
+DISCORD_NOTIFY_HIGH=True
+DISCORD_MIN_CVSS=7.0
+DISCORD_MIN_SEVERITY=HIGH
+
+# ============================================================
+# MONITORED VENDORS
+# ============================================================
+# Vendors are configured in config.py VENDORS list, not via environment variables.
+# Edit config.py to add/remove/modify vendors.
+
+# ============================================================
+# NOTES
+# ============================================================
+# 1. Boolean values: True/False (case-sensitive)
+# 2. Empty values will use defaults from config.py
+# 3. Paths can be absolute or relative to project root
+# 4. For production, always set DEBUG=False
+# 5. Get NVD API key to avoid rate limits
+# 6. Use strong CSP in production
+# 7. Enable HTTPS in production (handled by reverse proxy)