Set openvas as default scanner

ArnoStiefvater · ArnoStiefvater · commit 9261611bdc98 · 2024-12-12T10:25:18.000+01:00
diff --git a/rust/examples/openvasd/config.example.toml b/rust/examples/openvasd/config.example.toml
@@ -1,54 +1,59 @@
-# openvasd contains several modes to control the behaviour of it.
+# Openvasd contains several modes to control the behaviour of it.
 # Service enables nasl and notus feed observations all endpoints.
 mode = "service"
 # Notus disables /scan endpoints and just observes the notus feed.
 # mode = "service_notus"
 
 [feed]
-# path to the openvas feed. This is required for the /vts endpoint.
+# Path to the openvas feed. This is required for the /vts endpoint.
 path = "/var/lib/openvas/plugins"
-# disables or enables the signnature check
+# Disables or enables the signnature check
 signature_check = true
 
 [feed.check_interval]
-# how often the feed should be checked for updates
+# How often the feed should be checked for updates
 secs = 3600
 nanos = 0
 
 [notus]
-# path to the notus feed. This is required for the /notus endpoint.
+# Path to the notus feed. This is required for the /notus endpoint
 products_path = "/var/lib/notus/products/"
-# path to the notus advisories feed. This is required for the /vts endpoint.
+# path to the notus advisories feed. This is required for the /vts endpoint
 advisories_path = "/var/lib/notus/advisories/"
 
 [endpoints]
-# enables GET /scans endpoint
+# Enables GET /scans endpoint
 enable_get_scans = true
-# if set it requires `x-api-key` header to use the endpoint
+# If set it requires `x-api-key` header to use the endpoint
 key = "mtls_is_preferred"
 
 [tls]
-# the server certificate
+# The server certificate
 certs = "/etc/openvasd/tls/server.pem"
-# server key
+# Server key
 key = "/var/lib/openvasd/tls/server.rsa"
-# dir that contains client certificates. if there are none than every client is
+# dir that contains client certificates. If there are none than every client is
 # allowed to connect otherwise just the clients that have the configured
-# client certificates
+# client certificates.
 client_certs = "/etc/openvasd/tls/client"
 
 [scanner]
-# Supported types: ospd, openvas, openvasd
-type = "ospd"
+# Supported types:
+#   "ospd": Old API which will be deprecated soon
+#   "openvas": Current C based openvas-scanner
+#   "openvasd": New Rust based scanner which is not yet fully implemented
+# If "ospd" is used the ospd related settings have to be set.
+# If "openvas" is selected the [storage] option has to be set to "redis".
+type = "openvas"
 
 [scanner.ospd]
-# path to the unix socket of ospd-openvas
+# Path to the unix socket of ospd-openvas
 socket = "/var/run/ospd/ospd.sock"
 
 [scanner.ospd.read_timeout]
 # Max time openvasd waits for an ospd-openvas response before
 # returning a 500 code (Internal server error). Using the config
-# file, it can be set in seconds and nanoseconds
+# file, it can be set in seconds and nanoseconds.
 secs = 1
 nanos = 0
 
@@ -69,13 +74,13 @@ level = "INFO"
 # can be either fs (file system), redis or inmemory (in memory).
 # If it is set to fs is highly recommended to set `STORAGE_KEY` in the env variable.
 # WARNING: if the type is set to fs and no encryption key is set then the data is stored unencrypted.
-# As long as legacy openvas is required redis is recommended
+# "redis" has to be chosen if the "openvas" scanner type is set.
 #type = "fs"
-#type = "redis"
-type = "inmemory"
+type = "redis"
+#type = "inmemory"
 
 [storage.redis]
-# set the redis url. When socket is used it has to start with `unix://`
+# Set the redis url. When socket is used it has to start with `unix://`
 # if a username and password is required it also needs to set in the url:
 # redis://user:pass@localhost:6379
 url = "redis://localhost:6379"
