DefGuard · moubctez · Apr 23, 2026 · Apr 23, 2026 · Apr 23, 2026 · Apr 23, 2026
diff --git a/.fpm b/.fpm
@@ -3,3 +3,4 @@
 --description "Defguard Edge service"
 --url "https://defguard.net/"
 --maintainer "Defguard"
+--config-files /etc/defguard/proxy.toml
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml
@@ -69,7 +69,7 @@ jobs:
           cache-to: type=gha,mode=max
 
       - name: Scan image with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "${{ env.GHCR_REPO }}:${{ github.sha }}-${{ matrix.tag }}"
           format: "table"

diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
@@ -33,7 +33,7 @@ jobs:
           submodules: recursive
 
       - name: Create SBOM with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           scan-type: 'fs'
           format: 'spdx-json'
@@ -43,7 +43,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create Docker image SBOM with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "ghcr.io/defguard/defguard-proxy:${{ steps.vars.outputs.VERSION }}"
           scan-type: 'image'
@@ -53,7 +53,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create security advisory file with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           scan-type: 'fs'
           format: 'json'
@@ -63,7 +63,7 @@ jobs:
           scanners: "vuln"
 
       - name: Create Docker image security advisory file with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: "ghcr.io/defguard/defguard-proxy:${{ steps.vars.outputs.VERSION }}"
           scan-type: 'image'

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -37,7 +37,10 @@ jobs:
           submodules: recursive
 
       - name: Scan code with Trivy
-        uses: aquasecurity/trivy-action@0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
+        env:
+          TRIVY_IGNOREFILE: ".trivyignore.yaml"
+          TRIVY_SHOW_SUPPRESSED: 1
         with:
           scan-type: 'fs'
           scan-ref: '.'

diff --git a/.trivyignore.yaml b/.trivyignore.yaml
@@ -0,0 +1,4 @@
+vulnerabilities:
+  - id: GHSA-w5hq-g745-h8pq
+    expired_at: 2026-04-30
+    statement: 'Not yet fixed in dependencies'
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/freebsd/defguard-proxy b/freebsd/defguard-proxy
@@ -6,15 +6,14 @@
 
 . /etc/rc.subr
 
-name="defguard"
-rcvar=defguard_enable
+name="defguard_proxy"
+rcvar=defguard_proxy_enable
 command="/usr/local/bin/defguard-proxy"
 config="/etc/defguard/proxy.toml"
-start_cmd="${name}_start"
+start_cmd="${name}_proxy_start"
 
-defguard_start()
-{
-  ${command} --config ${config} &
+defguard_proxy_start() {
+	${command} --config ${config} &
 }
 
 load_rc_config $name

diff --git a/linux/defguard-proxy.service b/linux/defguard-proxy.service
@@ -1,6 +1,6 @@
 [Unit]
 Description=Defguard Edge service
-Documentation=https://defguard.gitbook.io/defguard/
+Documentation=https://docs.defguard.net/
 Wants=network-online.target
 After=network-online.target