feat: Add core limitations and missing Docker configuration (#1356)

This commit updates the Markdown linting configuration files, and adds
an explanation of the linting available in the repository to the process
documentation. The linter itself has been used on multiple files also
affected in this commit.

There are a handful of peripheral changes made in the PR:

- Adding the latest catalogue tags to the Hugo archetype metadata
- Fixing a broken link for NGINX Amplify
- Fixing duplicate tabs caused by includes (Closes #1343)
- Adding reload instructions to NGINX configuration (Closes #1346)
- Configuration updates for the repository's automatic labeller

Additionally, a small heading naming issue was fixed in the changelog,
as well as a formatting style based on our Markdown linting rules.

Author: ADubhlaoich

.github/labeler.yml

@@ -23,6 +23,12 @@ product/amplify:
   - changed-files:
       - any-glob-to-any-file: 'content/amplify/**'
 
+product/dos:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'content/nap-dos/**'
+          - 'content/includes/nap-dos/**'
+
 product/controller:
   - changed-files:
       - any-glob-to-any-file:
@@ -37,18 +43,6 @@ product/modsec-waf:
   - changed-files:
       - any-glob-to-any-file: 'content/modsec-waf/**'
 
-product/nap-dos:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'content/nap-dos/**'
-          - 'content/includes/nap-dos/**'
-
-product/nap-waf:
-  - changed-files:
-      - any-glob-to-any-file:
-          - 'content/nap-waf/**'
-          - 'content/includes/nap-waf/**'
-
 product/ngf:
   - changed-files:
       - any-glob-to-any-file:
@@ -97,12 +91,19 @@ product/unit:
           - 'content/unit/**'
           - 'content/includes/unit/**'
 
+product/waf:
+  - changed-files:
+      - any-glob-to-any-file:
+          - 'content/waf/**'
+          - 'content/includes/waf/**'
+
 # Other labels
 
 process documentation:
   - changed-files:
       - any-glob-to-any-file:
           - 'templates/**'
+          - 'documentation/**'
           - '*.md'
           - 'LICENSE'
 
@@ -122,6 +123,8 @@ tooling:
           - '*.sh'
           - '*.js'
           - 'Makefile'
-          - '.vale.ini'
-          - '.gitignore'
           - '.gitattributes'
+          - '.gitignore'
+          - '.gitlint'
+          - '.markdownlint.yaml'
+          - '.vale.ini'

content/waf/changelog/2024.md

@@ -17,7 +17,7 @@ For the current year, view [the top-level changelog]({{< ref "/waf/changelog/">}
 
 ## F5 WAF for NGINX 5.4 / 4.12
 
-_November 19th, 2024_
+Released _November 19th, 2024_.
 
 ### New features
 
@@ -76,7 +76,7 @@ sudo service nginx restart
 
 ## F5 WAF for NGINX 5.3 / 4.11
 
-_September 25, 2024_
+Released _September 25, 2024_.
 
 ### New features
 
@@ -116,7 +116,7 @@ _September 25, 2024_
 
 ## F5 WAF for NGINX 5.2 / 4.10
 
-_May 29, 2024_
+Released _May 29, 2024_.
 
 ### New features
 
@@ -149,7 +149,7 @@ _May 29, 2024_
 
 ## F5 WAF for NGINX 5.1 / 4.9
 
-_April 18, 2024_
+Released _April 18, 2024_.
 
 ### New features
 
@@ -188,7 +188,7 @@ _April 18, 2024_
 
 ## F5 WAF for NGINX 5.0 / 4.8.1
 
-_March 19, 2024_
+Released _March 19, 2024_.
 
 ### New features
 
@@ -199,7 +199,7 @@ _March 19, 2024_
 
 {{< table >}}
 
-| Distribution name        | NGINX Open Source (5.1)                                           |  NGINX Plus (5.1)                                              | NGINX Plus (4.8.1)                                  |
+| Distribution name        | NGINX Open Source (5.0)                                           |  NGINX Plus (5.0)                                              | NGINX Plus (4.8.1)                                  |
 | ------------------------ | ----------------------------------------------------------------- | -------------------------------------------------------------- |----------------------------------------------------|
 | Alpine 3.17              | _app-protect-module-oss-1.25.4+4.815.0-r1.apk_                    | _app-protect-module-plus-31+4.815.0-r1.apk_                    | _app-protect-31.4.815.0-r1.apk_                    |
 | Amazon Linux 2023        | _app-protect-module-oss-1.25.4+4.815.0-1.amzn2023.ngx.x86_64.rpm_ | _app-protect-module-plus-31+4.815.0-1.amzn2023.ngx.x86_64.rpm_ | _app-protect-31+4.815.0-1.amzn2023.ngx.x86_64.rpm_ |

content/waf/changelog/_index.md

@@ -19,7 +19,7 @@ For older releases, check the changelogs for previous years: [2024]({{< ref "/wa
 
 ## F5 WAF for NGINX 5.9
 
-_September 29th, 2025_
+Released _September 29th, 2025_.
 
 ### New features
 
@@ -32,6 +32,21 @@ _September 29th, 2025_
     - Package and container artifacts now share the same version numbers
     - Upgrade processes remain the same as earlier releases
     - No breaking changes
+
+{{< call-out "important" >}}
+
+"_V4_" is now represented in the following pages or sections:
+
+- [Virtual machine or bare metal]({{< ref "/waf/install/virtual-environment.md">}})
+- Docker [Hybrid]({{< ref "/waf/install/docker.md#hybrid-configuration" >}}) and [Single container]({{< ref "/waf/install/docker.md#single-container-configuration" >}}) configuration
+
+"_V5_" is now represented in the following pages or sections:
+
+- [Kubernetes]({{< ref "/waf/install/kubernetes.md">}})
+- Docker [Multi-container]({{< ref "/waf/install/docker.md#multi-container-configuration" >}}) configuration
+
+{{< /call-out >}}
+
 - Restructured documentation
     - Product name change
     - Version alignment
@@ -58,7 +73,7 @@ _September 29th, 2025_
 
 ## NGINX App Protect WAF 5.8 / 4.16
 
-_August 13th, 2025_
+Released _August 13th, 2025_.
 
 ### New features
 
@@ -84,7 +99,7 @@ _August 13th, 2025_
 
 ## NGINX App Protect WAF 5.7 / 4.15
 
-_June 24th, 2025_
+Released _June 24th, 2025_.
 
 ### New features
 
@@ -124,10 +139,9 @@ _June 24th, 2025_
 
 {{< /table >}}
 
-
 ## NGINX App Protect WAF 5.6 / 4.14
 
-_April 1st, 2025_
+Released _April 1st, 2025_.
 
 ### New features
 
@@ -167,7 +181,7 @@ _April 1st, 2025_
 
 ## NGINX App Protect WAF 5.5 / 4.13
 
-_January 30th, 2025_
+Released _January 30th, 2025_.
 
 ### New features
 

content/waf/fundamentals/technical-specifications.md

@@ -14,6 +14,10 @@ nd-product: NAP-WAF
 
 This page outlines the technical specifications for F5 WAF for NGINX, which includes the minimum requirements and supported platforms.
 
+## Resource limitations
+
+- F5 WAF for NGINX supports a **maximum** of **127** CPU cores.
+
 ## Supported deployment environments
 
 You can deploy F5 WAF for NGINX in the following environments:
@@ -54,9 +58,8 @@ The F5 WAF for NGINX package has the following dependencies:
 | app-protect-threat-campaigns               | The F5 WAF for NGINX threat campaigns update package |
 | nginx-plus-module-appprotect               | NGINX Plus dynamic module for F5 WAF for NGINX |
 
-
 1. _Optional dependencies_
-2. _This module needs to be installed separately, and includes a client for downloading and updating the feature's database_
+1. _This module needs to be installed separately, and includes a client for downloading and updating the feature's database_
 
 ## Supported security policy features
 

content/waf/install/docker.md

@@ -445,7 +445,61 @@ Once you have updated your configuration files, you can reload NGINX to apply th
 
 #### Create and run a Docker Compose file
 
-{{< include "waf/install-services-compose.md" >}}
+Create a _docker-compose.yml_ file with the following contents in your host environment, replacing image tags as appropriate:
+
+```yaml
+services:
+  nginx:
+    container_name: nginx
+    image: nginx-app-protect-5
+    volumes:
+    - app_protect_bd_config:/opt/app_protect/bd_config
+    - app_protect_config:/opt/app_protect/config
+    - app_protect_etc_config:/etc/app_protect/conf
+    - /conf/nginx.conf:/etc/nginx/nginx.conf
+    - /conf/default.conf:/etc/nginx/conf.d/default.conf
+    - ./license.jwt:/etc/nginx/license.jwt # Only necessary when using NGINX Plus
+    networks:
+    - waf_network
+    ports:
+    - "80:80"
+
+  waf-enforcer:
+    container_name: waf-enforcer
+    image: waf-enforcer:5.2.0
+    environment:
+      - ENFORCER_PORT=50000
+    ports:
+      - "50000:50000"
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+    networks:
+      - waf_network
+    restart: always
+
+  waf-config-mgr:
+    container_name: waf-config-mgr
+    image: waf-config-mgr:5.2.0
+    volumes:
+      - /opt/app_protect/bd_config:/opt/app_protect/bd_config
+      - /opt/app_protect/config:/opt/app_protect/config
+      - /etc/app_protect/conf:/etc/app_protect/conf
+    restart: always
+    network_mode: none
+    depends_on:
+      waf-enforcer:
+        condition: service_started
+
+networks:
+  waf_network:
+    driver: bridge
+```
+
+To start the F5 WAF for NGINX services, use `docker compose up` in the same folder as the _docker-compose.yml_ file:
+
+```shell
+sudo docker compose up -d
+```
 
 You can now review the operational status of F5 WAF for NGINX using the [Post-installation checks]({{< ref "/waf/install/docker.md#post-installation-checks" >}}).