NGINX App Protect WAF 5.6 / 4.14 (#280)

* Nap helm chart (#267)

* feat: install nap 5 with helm chart

* Update content/nap-waf/v5/admin-guide/deploy-on-kubernetes/deploy-with-helm.md

Co-authored-by: Jon Torre <78599298+JTorreG@users.noreply.github.com>

* feat: Add placeholders for NAP 5.6 / 4.14 release notes (#284)

* feat: Restructure Kubernetes documentation IA, update references

* feat: Re-order admin-guide pages

* Update content/nap-waf/v4/releases/about-4.14.md

* feat: Remove unnecessary item, move issues from known to resolved

* feat: Update Generated Documentation (#301)

Compiler 11.322.0-nap-release-4-14-0-13891737 (6d34e452)

* Apply suggestions from code review

Co-authored-by: ohad-perets <126083286+ohad-perets@users.noreply.github.com>

* feat: Update package names, move Go version bump to resolved issues

* feat: Convert K8s configuration to includes for both cases

* feat: Remove mention of Alpine 3.17

* feat: OS version consolidation, remove redundancy

* feat: Add JWT step using includes

* feat: Update text to be imperative

* feat: Additional tab work for NAP5 installation

* feat: Fix formatting of common steps

* feat: Update release dates

* Update deploy-on-docker.md

removing && from DanielK's comments

* Update deploy-on-docker.md

remove also for plus

* feat: Update package file versions

* feat: Push additional documentation improvements

* feat: Fix links

* Update content/nap-waf/v5/releases/about-5.4.md

* Update deploy-with-helm.md

remove mtls & read-only references due to a bug, need to fix that after release

* Update deploy-with-helm.md

update login with jwt

---------

Co-authored-by: liadlevif5 <118743780+liadlevif5@users.noreply.github.com>
Co-authored-by: Jon Torre <78599298+JTorreG@users.noreply.github.com>
Co-authored-by: ohad-perets <126083286+ohad-perets@users.noreply.github.com>
Co-authored-by: Mike Jang <3287976+mjang@users.noreply.github.com>

Author: 5 people

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-alpine.md

@@ -1,13 +1,15 @@
-1. Upload **nginx-repo.key** to **/etc/apk/cert.key** and **nginx-repo.crt** to **/etc/apk/cert.pem**. Make sure that files do not contain other certificates and keys: Alpine Linux does not support mixing client certificates for different repositories.
+Move **nginx-repo.key** to **/etc/apk/cert.key** and **nginx-repo.crt** to **/etc/apk/cert.pem**. 
 
-2. Install prerequisite packages:
+Make sure that files do not contain other certificates and keys: Alpine Linux does not support mixing client certificates for different repositories.
 
-    ```shell
-    sudo apk add openssl ca-certificates
-    ```
+Install prerequisite packages:
 
-3. Put NGINX signing public key to directory `/etc/apk/keys`:
+```shell
+sudo apk add openssl ca-certificates
+```
 
-    ```shell
-    sudo wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub
-    ```
+Add the NGINX signing public key to the directory `/etc/apk/keys`:
+
+```shell
+sudo wget -O /etc/apk/keys/nginx_signing.rsa.pub https://cs.nginx.com/static/keys/nginx_signing.rsa.pub
+```

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-amazon.md

@@ -0,0 +1,26 @@
+Create the `/etc/ssl/nginx/` directory:
+
+```shell
+sudo mkdir -p /etc/ssl/nginx
+```
+
+Upload the **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
+
+Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`:
+
+```shell
+sudo rm /etc/yum.repos.d/nginx*.repo
+sudo rm /etc/yum.repos.d/*app-protect*.repo
+```
+
+Install the required dependencies:
+
+```shell
+sudo dnf install ca-certificates wget
+```
+
+Download the `dependencies.repo` file to `/etc/yum.repos.d`:
+
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.amazonlinux2023.repo
+```

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-amzn2023.md

@@ -1,50 +1,50 @@
-1. Create the `/etc/ssl/nginx/` directory:
+Create the `/etc/ssl/nginx/` directory:
 
-    ```shell
-    sudo mkdir -p /etc/ssl/nginx
-    ```
+```shell
+sudo mkdir -p /etc/ssl/nginx
+```
 
-2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
+Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
 
-3. Remove any previous NGINX repository and apt configuration files:
+Remove any previous NGINX repository and apt configuration files:
 
-    ```shell
-    sudo rm /etc/apt/sources.list.d/nginx*.list
-    sudo rm /etc/apt/sources.list.d/*app-protect*.list
-    sudo rm /etc/apt/apt.conf.d/90pkgs-nginx
-    ```
+```shell
+sudo rm /etc/apt/sources.list.d/nginx*.list
+sudo rm /etc/apt/sources.list.d/*app-protect*.list
+sudo rm /etc/apt/apt.conf.d/90pkgs-nginx
+```
 
-4. Install prerequisite packages:
+Install prerequisite packages:
 
-    ```shell
-    sudo apt-get update && sudo apt-get install apt-transport-https lsb-release ca-certificates wget gnupg2 debian-archive-keyring
-    ```
+```shell
+sudo apt-get update && sudo apt-get install apt-transport-https lsb-release ca-certificates wget gnupg2 debian-archive-keyring
+```
 
-5. Download and add the NGINX signing key:
+Download and add the NGINX signing key:
 
-    ```shell
-    wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | \
-    sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
-    ```
+```shell
+wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | \
+sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
+```
 
-6. Download the apt configuration to `/etc/apt/apt.conf.d`:
+Download the apt configuration to `/etc/apt/apt.conf.d`:
 
-    ```shell
-    sudo wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
-    ```
+```shell
+sudo wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
+```
 
-7. Verify that the downloaded file contains the proper key:
+Verify that the downloaded file contains the proper key:
 
-    ```shell
-    gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
-    ```
+```shell
+gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
+```
 
-    The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
+The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
 
-    ```none
-    pub   rsa2048 2011-08-19 [SC] [expires: 2027-05-24]
-          573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
-    uid                      nginx signing key <signing-key@nginx.com>
-    ```
+```none
+pub   rsa2048 2011-08-19 [SC] [expires: 2027-05-24]
+        573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
+uid                      nginx signing key <signing-key@nginx.com>
+```
 
-    If the fingerprint is different, remove the file.
+If the fingerprint is different, remove the file.

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-debian.md

@@ -1,26 +1,26 @@
-1. Create the `/etc/ssl/nginx` directory:
+Create the `/etc/ssl/nginx/` directory:
 
-    ```shell
-    sudo mkdir -p /etc/ssl/nginx
-    ```
+```shell
+sudo mkdir -p /etc/ssl/nginx
+```
 
-2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
+Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
 
-3. Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`:
+Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`:
 
-    ```shell
-    sudo rm /etc/yum.repos.d/nginx*.repo
-    sudo rm /etc/yum.repos.d/*app-protect*.repo
-    ```
+```shell
+sudo rm /etc/yum.repos.d/nginx*.repo
+sudo rm /etc/yum.repos.d/*app-protect*.repo
+```
 
-4. Install required dependencies:
+Install required dependencies:
 
-    ```shell
-    sudo dnf install ca-certificates wget
-    ```
+```shell
+sudo dnf install ca-certificates wget
+```
 
-5. Download the `dependencies.repo` file to `/etc/yum.repos.d`:
+Download the `dependencies.repo` file to `/etc/yum.repos.d`:
 
-    ```shell
-    sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
-    ```
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
+```

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-dnf.md

@@ -1,26 +1,26 @@
-1. Create the `/etc/ssl/nginx` directory:
+Create the `/etc/ssl/nginx/` directory:
 
-    ```shell
-    sudo mkdir -p /etc/ssl/nginx
-    ```
+```shell
+sudo mkdir -p /etc/ssl/nginx
+```
 
-2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
+Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
 
-3. Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`:
+Remove any previously downloaded NGINX repository files from `/etc/yum.repos.d`:
 
-    ```shell
-    sudo rm /etc/yum.repos.d/nginx*.repo
-    sudo rm /etc/yum.repos.d/*app-protect*.repo
-    ```
+```shell
+sudo rm /etc/yum.repos.d/nginx*.repo
+sudo rm /etc/yum.repos.d/*app-protect*.repo
+```
 
-4. Install required dependencies:
+Install required dependencies:
 
-    ```shell
-    sudo yum install ca-certificates wget
-    ```
+```shell
+sudo yum install ca-certificates wget
+```
 
-5. Download the `dependencies.repo` file to `/etc/yum.repos.d`:
+Download the `dependencies.repo` file to `/etc/yum.repos.d`:
 
-    ```shell
-    sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
-    ```
+```shell
+sudo wget -P /etc/yum.repos.d https://cs.nginx.com/static/files/dependencies.repo
+```

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-rhel-cen-74.md

@@ -1,50 +1,50 @@
-1. Create the `/etc/ssl/nginx/` directory:
+Create the `/etc/ssl/nginx/` directory:
 
-    ```shell
-    sudo mkdir -p /etc/ssl/nginx
-    ```
+```shell
+sudo mkdir -p /etc/ssl/nginx
+```
 
-2. Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
+Upload **nginx-repo.crt** and **nginx-repo.key** files to the `/etc/ssl/nginx/` directory.
 
-3. Remove any previous NGINX repository and apt configuration files:
+Remove any previous NGINX repository and apt configuration files:
 
-    ```shell
-    sudo rm /etc/apt/sources.list.d/nginx*.list
-    sudo rm /etc/apt/sources.list.d/*app-protect*.list
-    sudo rm /etc/apt/apt.conf.d/90pkgs-nginx
-    ```
+```shell
+sudo rm /etc/apt/sources.list.d/nginx*.list
+sudo rm /etc/apt/sources.list.d/*app-protect*.list
+sudo rm /etc/apt/apt.conf.d/90pkgs-nginx
+```
 
-4. Install prerequisite packages:
+Install prerequisite packages:
 
-    ```shell
-    sudo apt-get update && sudo apt-get install apt-transport-https lsb-release ca-certificates wget gnupg2 ubuntu-keyring
-    ```
+```shell
+sudo apt-get update && sudo apt-get install apt-transport-https lsb-release ca-certificates wget gnupg2 ubuntu-keyring
+```
 
-5. Download and add the NGINX signing key:
+Download and add the NGINX signing key:
 
-    ```shell
-    wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | \
-    sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
-    ```
+```shell
+wget -qO - https://cs.nginx.com/static/keys/nginx_signing.key | gpg --dearmor | \
+sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null
+```
 
-6. Download the apt configuration to `/etc/apt/apt.conf.d`:
+Download the apt configuration to `/etc/apt/apt.conf.d`:
 
-    ```shell
-    sudo wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
-    ```
+```shell
+sudo wget -P /etc/apt/apt.conf.d https://cs.nginx.com/static/files/90pkgs-nginx
+```
 
-7. Verify that the downloaded file contains the proper key:
+Verify that the downloaded file contains the proper key:
 
-    ```shell
-    gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
-    ```
+```shell
+gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg
+```
 
-    The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
+The output should contain the full fingerprint `573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62` as follows:
 
-    ```none
-    pub   rsa2048 2011-08-19 [SC] [expires: 2027-05-24]
-          573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
-    uid                      nginx signing key <signing-key@nginx.com>
-    ```
+```none
+pub   rsa2048 2011-08-19 [SC] [expires: 2027-05-24]
+        573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62
+uid                      nginx signing key <signing-key@nginx.com>
+```
 
-    If the fingerprint is different, remove the file.
+If the fingerprint is different, remove the file.

Diff for: content/includes/nap-waf/config/v5/host-based-nginx-instructions/common-steps-with-ubuntu.md

@@ -1,15 +1,21 @@
-1. Set up the apk repository for mainline nginx packages:
+Set up the apk repository for mainline nginx packages:
 
-    ```shell
-    printf "%s%s%s\n" \
-    "http://nginx.org/packages/mainline/alpine/v" \
-    `egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
-    "/main" \
-    | sudo tee -a /etc/apk/repositories
-    ```
+```shell
+printf "%s%s%s\n" \
+"http://nginx.org/packages/mainline/alpine/v" \
+`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release` \
+"/main" \
+| sudo tee -a /etc/apk/repositories
+```
 
-2. Add the NGINX App Protect WAF v5 apk repository:
+Add the NGINX App Protect WAF v5 apk repository:
 
-    ```shell
-    printf "https://pkgs.nginx.com/app-protect-x-oss/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
-    ```
+```shell
+printf "https://pkgs.nginx.com/app-protect-x-oss/alpine/v`egrep -o '^[0-9]+\.[0-9]+' /etc/alpine-release`/main\n" | sudo tee -a /etc/apk/repositories
+```
+
+Install the NGINX App Protect WAF v5 package:
+
+```shell
+sudo apk add app-protect-module-oss
+```