121 lines
2.9 KiB
Markdown
121 lines
2.9 KiB
Markdown
# Anubis Proof-of-Work Deployment Guide (Docker, Binary, nginx, Apache)
|
|
|
|
The Church of Malware (CoM) does not condone the use or introduction of egyptian deities onto any individual, human, or animal; however AI is neither natural, a human, nor actual intelligence. This focused installation and configuration tutorial provides complete, production-ready steps for deploying Anubis as the primary proof-of-work wall. It covers Docker, bare-metal binary, and integration with standard nginx and Apache.
|
|
|
|
## 1. Quick Start (Docker Compose — Recommended)
|
|
|
|
```yaml
|
|
# docker-compose.yml
|
|
version: "3.8"
|
|
services:
|
|
anubis:
|
|
image: ghcr.io/techarohq/anubis:latest
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
environment:
|
|
- ANUBIS_TARGET=http://origin:8080
|
|
- ANUBIS_POLICY=hardened
|
|
- ANUBIS_SERVE_ROBOTS_TXT=true
|
|
volumes:
|
|
- ./anubis.yaml:/config.yaml:ro
|
|
restart: unless-stopped
|
|
|
|
origin:
|
|
image: nginx:alpine
|
|
volumes:
|
|
- ./site:/usr/share/nginx/html:ro
|
|
expose:
|
|
- "8080"
|
|
```
|
|
|
|
```yaml
|
|
# anubis.yaml
|
|
target: http://origin:8080
|
|
policy: hardened
|
|
serve_robots_txt: true
|
|
```
|
|
|
|
```bash
|
|
docker compose up -d
|
|
```
|
|
|
|
## 2. Bare-Metal Binary Installation
|
|
|
|
```bash
|
|
curl -L https://github.com/TecharoHQ/anubis/releases/latest/download/anubis-linux-amd64 -o /usr/local/bin/anubis
|
|
chmod +x /usr/local/bin/anubis
|
|
|
|
cat > /etc/systemd/system/anubis.service <<'EOF'
|
|
[Unit]
|
|
Description=Anubis PoW Reverse Proxy
|
|
After=network.target
|
|
|
|
[Service]
|
|
ExecStart=/usr/local/bin/anubis --config /etc/anubis/config.yaml
|
|
Restart=always
|
|
User=anubis
|
|
WorkingDirectory=/etc/anubis
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
systemctl daemon-reload
|
|
systemctl enable --now anubis
|
|
```
|
|
|
|
## 3. nginx Integration (Origin Server)
|
|
|
|
```nginx
|
|
server {
|
|
listen 127.0.0.1:8080;
|
|
server_name _;
|
|
root /var/www/html;
|
|
|
|
# Apply aggressive-bot map from known-aggressive-bot-user-agents.md
|
|
include /etc/nginx/snippets/aggressive-bots.conf;
|
|
|
|
location / {
|
|
if ($aggressive_bot) {
|
|
# optional: serve tarpit or malformed response after PoW
|
|
}
|
|
try_files $uri $uri/ =404;
|
|
}
|
|
}
|
|
```
|
|
|
|
Anubis proxies to this internal origin after successful proof-of-work validation.
|
|
|
|
## 4. Apache Integration
|
|
|
|
```apache
|
|
<VirtualHost 127.0.0.1:8080>
|
|
ServerName example.com
|
|
DocumentRoot /var/www/html
|
|
|
|
SetEnvIf User-Agent "GPTBot|ClaudeBot|Bytespider|Perplexity|headless" aggressive_bot
|
|
CustomLog /var/log/apache2/ai_violators.log combined env=aggressive_bot
|
|
</VirtualHost>
|
|
```
|
|
|
|
## 5. robots.txt Recommendation
|
|
|
|
```txt
|
|
User-agent: *
|
|
Disallow: /tarpit/
|
|
Disallow: /malformed/
|
|
Disallow: /slow-tarpit/
|
|
```
|
|
|
|
## 6. Testing
|
|
|
|
```bash
|
|
# Should trigger Anubis challenge
|
|
curl -I -A "GPTBot/1.0" https://example.com/
|
|
|
|
# Should receive fast response
|
|
curl -I -A "Mozilla/5.0 (Windows NT 10.0; Win64; x64)" https://example.com/
|
|
```
|
|
|
|
*Part of the passive defense layer. See also the tarpit and rate-limiting documentation.* |