Further remove names referencing multijuicer #357

Merged
merged 3 commits into from
Sep 24, 2023
6 changes: 3 additions & 3 deletions guides/k8s/k8s.md
Expand Up @@ -65,11 +65,11 @@ kubectl get secrets wrongsecrets-balancer-secret -o=jsonpath='{.data.adminPasswo
kubectl get pods

# We got a example loadbalancer yaml for this example in the repository
wget https://raw.githubusercontent.com/OWASP/wrongsecrets-ctf-party/main/guides/k8s/k8s-juice-service.yaml
wget https://raw.githubusercontent.com/OWASP/wrongsecrets-ctf-party/main/guides/k8s/wrongsecrets-ctf-party-loadbalancer.yaml

# Create the loadbalancer
# This might take a couple of minutes
kubectl apply -f k8s-juice-service.yaml
kubectl apply -f wrongsecrets-ctf-party-loadbalancer.yaml

# If it takes longer than a few minutes take a detailed look at the loadbalancer
kubectl describe svc wrongsecrets-ctf-party-loadbalancer
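
Review bot: the new `wget` URL in this hunk still fetches the manifest from the mutable `main` branch, and the next step applies it to the cluster unchanged. Consider pointing the guide at a release tag or commit so that the file `kubectl apply -f wrongsecrets-ctf-party-loadbalancer.yaml` receives is the one that was reviewed, and so the guide keeps working if the file is renamed again on `main`.
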
Expand All @@ -81,5 +81,5 @@ kubectl describe svc wrongsecrets-ctf-party-loadbalancer
helm uninstall wrongsecrets-ctf-party

# Delete the loadbalancer
kubectl delete -f k8s-juice-service.yaml
kubectl delete -f wrongsecrets-ctf-party-loadbalancer.yaml
```
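
Review bot: the cleanup step `kubectl delete -f wrongsecrets-ctf-party-loadbalancer.yaml` only works if the file downloaded earlier in the guide is still in the working directory, and anyone who followed the previous version of the guide has `k8s-juice-service.yaml` on disk instead. Deleting by name with `kubectl delete svc wrongsecrets-ctf-party-loadbalancer` matches the `describe` command the guide already uses and does not depend on the local file.
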
@@ -1,7 +1,7 @@
kind: Service
apiVersion: v1
metadata:
name: multi-juicer-loadbalancer
name: wrongsecrets-ctf-party-loadbalancer
spec:
type: LoadBalancer
selector:
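
Review bot: changing `metadata.name` from `multi-juicer-loadbalancer` to `wrongsecrets-ctf-party-loadbalancer` makes `kubectl apply` create a new Service instead of updating the existing one, so a cluster set up from the old manifest keeps the old `LoadBalancer` Service and its external endpoint until it is deleted by hand. A short upgrade note telling operators to run `kubectl delete svc multi-juicer-loadbalancer` would cover that. The rename itself is consistent with the guide, whose `kubectl describe svc wrongsecrets-ctf-party-loadbalancer` now matches the manifest.
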
8 changes: 4 additions & 4 deletions guides/production-notes/production-notes.md
@@ -1,13 +1,13 @@
# Production Checklist

To ensure MultiJuicer runs as smoothly during your CTF's / trainings / workshops, heres a list of things you might want to make sure is configured correctly before you run MultiJuicer in "production".
To ensure Wrongsecrets CTF Party runs as smoothly during your CTF's / trainings / workshops, heres a list of things you might want to make sure is configured correctly before you run Wrongsecrets CTF Party in "production".

1. Set `.balancer.cookie.cookieParserSecret` to a random alpha-numeric value (recommended length 24 chars), this value is used to sign cookies. If you don't set this, each `helm upgrade` you run will generate a new one, which invalidates all user sessions, forcing users to rejoin their team.
2. As you are running this with https (right?), you should set `balancer.cookie.secure` to `true`. This marks the cookie used to associate a browser with a team to transmitted via https only.
3. Make sure the value you have configured for `wrongsecrets.maxInstances` & `virtualdesktop.maxInstances` fits your CTF / training / whatever you are running. The default is set to only allow 10 instances. Set to -1 to remove any restrictions.
4. Set `balancer.replicas` to at least 2, so that you have at least one fall back JuiceBalancer when one crashes or the node it lives on goes down.
5. When running a CTF with JuiceShop challenge flags, make sure to change `juiceShop.ctfKey` from the default. Otherwise users will be able to generate their own flags relatively easily. See
6. When using prometheus metrics, e.g. when you have followed the [Monitoring SetUp Guide](https://github.com/iteratec/multi-juicer/blob/main/guides/monitoring-setup/monitoring.md) you'll want to change `balancer.metrics.basicAuth.password` to a non default values. Otherwise users can use the default value to access the technical metrics of the JuiceBalancer pods.
4. Set `balancer.replicas` to at least 2, so that you have at least one fall back Wrongsecrets-balancers when one crashes or the node it lives on goes down.
5. When running a CTF with WrongSecrets challenge flags, make sure to change `juiceShop.ctfKey` from the default. Otherwise users will be able to generate their own flags relatively easily. See
6. When using prometheus metrics, e.g. when you have followed the [Monitoring SetUp Guide](https://github.com/iteratec/multi-juicer/blob/main/guides/monitoring-setup/monitoring.md) you'll want to change `balancer.metrics.basicAuth.password` to a non default values. Otherwise users can use the default value to access the technical metrics of the Wrongsecrets-balancers pods.
7. If you host this CTF in a public domain, change the `balancer.env.REACT_APP_ACCESS_PASSWORD` to a password you communicate to your users at the start of teh CTF.
8. Make sure to rotate the `balancer.env.REACT_APP_CREATE_TEAM_HMAC_KEY` HMAC key for anti-infra-creation-fuzzing as well into something else than 'hardcodedkey' when you see players generating 100s of instances in minutes.
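
Review bot: the rename is incomplete in items 5 and 6 of the checklist. Item 5 now talks about WrongSecrets challenge flags but still tells operators to change `juiceShop.ctfKey`, and its last sentence ends at "See" with no link; item 6 still links to `iteratec/multi-juicer` for the monitoring guide. Please confirm which values key operators have to change in this chart and name it here, because a checklist that names the wrong key leaves the default CTF key in place, and either point the monitoring link at this repository's guide or drop it. Item 8 would also be safer as an unconditional step, since it states the default is the literal 'hardcodedkey'. Minor: "one fall back Wrongsecrets-balancers" should be singular, and "teh" in item 7 is a typo.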

2 changes: 1 addition & 1 deletion helm/wrongsecrets-ctf-party/README.md
Expand Up @@ -199,4 +199,4 @@ Run Multi User "Capture the Flags" or Security Trainings with OWASP Wrongsecrets
| wrongsecretsCleanup.tolerations | list | `[]` | Optional Configure kubernetes toleration for the wrongsecretsCleanup Job (see: https://kubernetes.io/docs/concepts/scheduling-eviction/taint-and-toleration/) |

----------------------------------------------
Autogenerated from chart metadata using [helm-docs v1.11.2](https://github.com/norwoodj/helm-docs/releases/v1.11.2)
Autogenerated from chart metadata using [helm-docs v1.11.0](https://github.com/norwoodj/helm-docs/releases/v1.11.0)
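
Review bot: the footer line goes from helm-docs v1.11.2 to v1.11.0, which means the README was regenerated with an older helm-docs than the one that produced the committed file. Regenerate it with whichever helm-docs version the repository's automation runs, or revert this line, so the next automated run does not flip it back and produce a noise-only diff.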