pretecno/crowdsec-bouncer-traefik-plugin
3
0
Fork 0
mirror of https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin.git synced 2026-02-05 00:23:42 +01:00
Code Issues Packages Releases Activity
254 Commits 11 Branches 70 Tags
main
Commit Graph

254 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
maxlerebourg
889c5b55fe Add solved-captcha as option of remediationCustomHeader (#310) v1.5.0 2026-01-23 11:36:32 +01:00
maxlerebourg
efb3a67019 🔒️ Potential fix for code scanning alert no. 8: Workflow does not contain permissions (#311) 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
 2026-01-22 09:44:33 +01:00
omer
0780027252 🐛 Do not validate Crowdsec LAPI authentication credentials if bouncer is in Appsec mode (#305) 
* Do not validate Crowdsec LAPI key and TLS authentication if bouncer is in AppSec mode

* Add extra validation checks for lapiKey or appsecKey definition

* Fix linting on changed error message

* Update configuration.go

- Show paramName in validateParamsApiKey
- Remove check for empty appsecKey or lapiKey (LAPI can have TLS auth)
- Remove check for emptry appsecKey if CrowdsecMode is Appsec

* Update configuration_test.go after updated validateParamsAPIKey
v1.5.0-beta2 		2026-01-20 23:42:24 +01:00
maxlerebourg
892909b9b8 🐛 fix start up config error for appsec and review doc for appsec tls (#300) 
* 🐛 fix start up config error for appsec

* :doc: add documentation on appsec variables and missing conf parameter

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix after lot of tests

* update exemple tls with new variables tested

* fix exemple appsec with release and not localplugin

---------

Co-authored-by: mhx <mathieu@hanotaux.fr>
v1.5.0-beta1 		2025-12-21 21:52:19 +01:00
dependabot[bot]
c26923dee5 ⬆️ Bump actions/cache from 4 to 5 (#303) 
Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-20 14:30:49 +01:00
maxlerebourg
a9d83f2097 Separate TLS conf for LAPI and Appsec (#293) 
*   Separate TLS conf for LAPI and Appsec

* 🍱 fix lint

* 🍱 fix test

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint ?

* 🍱 fix lint

* 🍱 Add default for traceCustomHeaders
v1.4.7 		2025-12-11 07:58:12 +01:00
omer
e20ccc5d0c Add support for injecting request header value into ban HTML template (#296) 
* Add parameter to specify Request header value to inject in HTML template

* Add documentation for specifying request header value

* Fix example in docs for CustomHeader

* Update parameter name to traceCustomHeader

* Ensure naming is consitent with project
 2025-12-10 07:54:07 +01:00
dependabot[bot]
50beb4294f ⬆️ Bump actions/checkout from 5 to 6 (#294) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-27 15:40:18 +01:00
maxlerebourg
4ab4f3f183 Transform banTemplate to add blocking reason and client IP (#290) 
*  Transform banTemplate to add blocking reason

* 🍱 fix test

* 🍱 fix lint

* 🍱 fix test

* 🍱 fix lint

* 🍱 fix lint

* 🍱 add doc and fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 lint html

* 🍱 fix comments + fix wicketpeeker readme

* 🍱 Give ClientIP in ban page

* 🍱 fix test
v1.4.6 		2025-11-15 10:42:14 +01:00
usr3
2aac531ea7 📝 docs: fix captcha profile reference doc link (#289) 
Fixed broken link referencing the captcha profile in Crowdsec documentation
 2025-10-30 14:20:02 +01:00
Patrick Evans
e8e60c958f 📝 docs: fix wicketkeeper name references (#285) 2025-10-19 12:53:07 +02:00
David
a2d3708bc3 Do not cache decisions if DefaultDecisionSeconds=0 (#280) 
* xx

* Remove outdated comment on decision caching

Remove comment about decision caching based on timeout.

---------

Co-authored-by: maxlerebourg <maxlerebourg@gmail.com>
 2025-10-18 11:58:00 +02:00
David
65a2f79fb3 🐛Not write response body for HEAD requests (#277) 
* Fixes

* XX

* Fix

* 🍱 Lint

* 🍱 remove useless comments

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
 2025-10-06 11:19:19 +02:00
dependabot[bot]
a2ecc95dc9 ⬆️ Bump actions/setup-go from 5 to 6 (#268) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-08 16:23:10 +02:00
maxlerebourg
7c4f5163e9 add custom selfhosted captcha (#259) 
*  Add wicketkeeper captcha

*  Anom config

* 🍱 fix readme

* 🍱 fix lint

* 🍱 fix lint

* 🍱 normalize

* 🍱 fix lint

* 🍱 fix lint

*  Add env for RemediationStatusCode (#250)

*  Add env for defaultStatusCode

* 📝 doc

* change name of the parameter

* 🔧 Add config check

* fix lint

* 📈 Report traffic dropped metrics to LAPI (#223)

* Initial implementation

* fix

* fixes

* Fixes

* xx

* progress

* xx

* xx

* xx

* fix linter

* Progress

* Fixes

* xx

* xx

* Remove trace logger

* Last fix

* fix lint

* fix lint

* fix lint

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>

*  Anom config

* 🍱 fix readme

* 🍱 fix lint

* 🍱 normalize

* 🍱 fix lint

* 📝 Add documentation

* 📝 Fix example and makefile and doc for wicketkeeper

* 🍱 fix last things

* 🍱 add disclaimer to use maxlerebourg docker image

* 🍱 Use official wicketpeeker image

* 🍱 revert unnecessary code

* 🍱 fix

---------

Co-authored-by: David <deivid.garcia.garcia@gmail.com>
Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
Co-authored-by: mhx <mathieu@hanotaux.fr>
v1.4.5 		2025-09-01 19:41:45 +02:00
dependabot[bot]
734975c206 ⬆️ Bump github.com/maxlerebourg/simpleredis (#262) 
Bumps [github.com/maxlerebourg/simpleredis](https://github.com/maxlerebourg/simpleredis) from 1.0.11 to 1.0.12.
- [Release notes](https://github.com/maxlerebourg/simpleredis/releases)
- [Commits](https://github.com/maxlerebourg/simpleredis/compare/v1.0.11...v1.0.12)

---
updated-dependencies:
- dependency-name: github.com/maxlerebourg/simpleredis
  dependency-version: 1.0.12
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 12:00:02 +02:00
dependabot[bot]
7397834e58 ⬆️ Bump actions/checkout from 4 to 5 (#261) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-18 11:59:31 +02:00
David
84a5674b14 📈 Report traffic dropped metrics to LAPI (#223) 
* Initial implementation

* fix

* fixes

* Fixes

* xx

* progress

* xx

* xx

* xx

* fix linter

* Progress

* Fixes

* xx

* xx

* Remove trace logger

* Last fix

* fix lint

* fix lint

* fix lint

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
v1.4.4 		2025-07-02 11:36:09 +02:00
maxlerebourg
de7e382fde Add env for RemediationStatusCode (#250) 
*  Add env for defaultStatusCode

* 📝 doc

* change name of the parameter

* 🔧 Add config check

* fix lint
v1.4.3 		2025-07-01 21:59:12 +02:00
gptlang
abae855d9e Set traefik logs to json so it can actually be parsed (#235) 2025-05-07 11:22:27 +02:00
Lluís D.
4bb6e830dc Fix query of the GET /decisions endpoint (#236) 
- banned=true query parameter doesn't exist based on LAPI
  dcoumentation, remove it
 2025-04-28 16:12:54 +02:00
mathieuHa
78869ecf77 🔧 Add support for logLevel in any case (#231) 2025-04-06 10:41:16 +02:00
maxlerebourg
7f99266f99 📝 doc: rename RedisUnreachableBlock to RedisCacheUnreachableBlock (#230) 2025-04-05 11:34:06 +02:00
mathieuHa
5418d35feb feat(logs) add supports write logs to files (#217) 
*  feat(logs) add supports write logs to files

* fix(lint) 🚨 fix go lint

* 🐛 fix(bug) check path is done only if provided

* 📝 doc(vars) add LogFilePath to vars

* 🦺 chore(review) update doc, configuration check and logger
v1.4.2 		2025-03-31 20:19:44 +02:00
maxlerebourg
a184ae6db9 💄 Center recaptcha div (#225) 2025-03-25 09:34:06 +01:00
blotus
e4c84409e7 🔨 always set custom remediation header if configured for bans (#218) 2025-02-17 14:02:21 +01:00
maxlerebourg
4708d76854 Add variable to not block if redis is unreachable (#214) 
*  Add variable to not block if redis is unreachable

* 🚨 fix lint

* 📝 Update README.md
v1.4.1 		2025-02-10 20:10:29 +01:00
maxlerebourg
c34d7f4617 🍱 Fix lint (#211) 2025-01-29 08:14:15 +01:00
mathieuHa
0e9620bfe9 👷 chore(ci) bump CI and automate dep updates (#210) 
* 👷 chore(ci) bump CI and automate dep updates

* 🚨 chore(go) fix golang lint

* 🍱 fix lint

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
v1.4.0 		2025-01-29 08:07:04 +01:00
maxlerebourg
92f05b0ba5 [BREAKING-CHANGE] Add CrowdsecAppsecBodyLimit (#208) 
*  Add CrowdsecAppsecBodyLimit

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix error on main
 2025-01-24 21:04:45 +01:00
Tobias Heinze
980a7dd05e Add AppSec Path Variable (#202) 
* Added Appsec Path config Variable

*  Add path env var for lapi and appsec

* 🍱 Update README.md

---------

Co-authored-by: Tobias Heinze <tobias.heinze@telekom.de>
Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
 2025-01-24 20:12:30 +01:00
mathieuHa
5c8a60118f 🐛 fix(user-agent) add version in ua to reduce warning logs from crowd… (#195) 
* 🐛 fix(user-agent) add version in ua to reduce warning logs from crowdsec LAPI

* 🐛 fix(user-agent) add version in ua to reduce warning logs from crowdsec LAPI

* 🐛 fix(user-agent) remove whitespaces

* 🐛 fix(user-agent) Add Cap for Bouncer

---------

Co-authored-by: maxlerebourg <maxlerebourg@gmail.com>
v1.3.5 		2024-10-24 21:39:53 +02:00
mathieuHa
8fb0a016b6 Add Traefik Crowdsec Plugin Basic User Agent (#192) 
*  Add Traefik Crowdsec Plugin Basic User Agent
v1.3.4 		2024-10-05 13:15:34 +02:00
maxlerebourg
45d5f38c4d add remediation header when plugin made decision (#189) 
*  add remediation header when plugin made decision

* 🍱 add documentation
v1.3.4-beta1 		2024-09-25 19:30:27 +02:00
maxlerebourg
f1de1c924e 🔨 174 fix classname for Turnstile (#178) 
Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
v1.3.3-beta1 v1.3.3 		2024-06-19 20:13:49 +02:00
mathieuHa
36e6043c32 📝 doc(cache) Specify that local cache is in memory and not in the filesystem (#177) 2024-06-09 16:20:55 +02:00
maxlerebourg
123cf15434 Add CrowdsecAppsecUnreachableBlock (#175) 
*  Add CrowdsecAppsecUnreachableBlock

* 🍱 update readme

* 🍱 fix lint

* 🍱 fix lint
v1.3.2 		2024-06-09 10:59:45 +02:00
mathieuHa
f89c5e25a9 ✏️ fix(validation) Replace typo on CaptchaProvider config validation (#176) 2024-06-09 10:47:17 +02:00
maxlerebourg
58946d9fa2 📄 Update README.md for lang doc (#170) 2024-05-22 11:24:11 +02:00
mathieuHa
6187a722ca 167 feature update to go 122 (#168) 
* ⬆️ Upgrade golang version

* 🚨 Optimize Lint for strings

* 🔒️ Add allow list of packages

* 🚨 Fix final lint

* 👷 Update ci

* 🍱 upgrade dependencies

* 🍱 fix comment

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
 2024-05-18 13:20:14 +02:00
maxlerebourg
70ad0365f0 🐛 fix content-type header for ban and captcha page (#166) 
* 🍱 fix content-type header for ban and captcha page

* 🍱 Add comment to warn future developer

---------

Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
v1.3.1 		2024-05-16 18:40:28 +02:00
mathieuHa
8975216af8 📝 Update readme on loglevel written to stdout/stderr (#164) 2024-05-16 09:32:14 +02:00
mathieuHa
e6b10b8ac4 ⬆️ 📝 Update exemples and version traefik 3, crowdsec 1.6.1-2, plugin … (#160) 
* ⬆️ 📝 Update exemples and version traefik 3, crowdsec 1.6.1-2, plugin 1.3.0

* 📝 🐛 Fix race in exemple and doc for tls
 2024-05-01 20:03:19 +02:00
mathieuHa
1f11531509 📝 Update doc for appsec with required collection and upgrade images (#158) 2024-05-01 19:50:00 +02:00
mathieuHa
ee97250acf Add grace period to reach LAPI without blocking further queries (#153) 
*  Add grace period to reach LAPI without blocking further queries

* 🐛 Fix config validation for maxFailedStreamUpdate

* 🚨 Fix some lint issue

* 🚨 Bypass lint complexity on ServeHTTP

* 🍱 fix and improve

* 🚨 Fix lint

* 🚨 Fix lint

* 🐛 Fix logic for update max failure

* 📝 Update doc and docker compose local reset

* 🍱 fix log nightmare

* 🍱 fix

---------

Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
 2024-05-01 18:07:44 +02:00
mathieuHa
b6a0404efd Add user-agent header from crowdsec (#149) 
*  Add user-agent header from crowdsec

* 🐛 : https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/issues/151

---------

Co-authored-by: maxlerebourg <maxlerebourg@gmail.com>
v1.3.0-beta4 v1.3.0 		2024-04-16 13:26:46 +02:00
mathieuHa
a0e701f985 📝 Update typo on doc for ban custom page (#147) 2024-04-05 09:30:49 +02:00
mathieuHa
b8dd883bb6 130 feature custom html error page integration on 403 like captcha but for ban (#145) 
*  Add ban html template

* 📝 Add doc for custom ban page

* ⚰️ Remove old code due to merge

* ✏️ Fix merge remaining in html

*  render banTemplate from html/template to string

* 🚨 : fix lint

---------

Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
v1.3.0-beta3 		2024-04-04 21:32:31 +02:00
mathieuHa
cb4f95d5d0 📝 Add first diagrams (#144) 
* 📝 Add first diagrams

* 📝 Add diagram for none mode

* 📝 Add diagrams for each mode

* 📝 Fix rendering

* 📝 Fix chart rendering

* 🍱 fix readme

* 🍱 fix readme

---------

Co-authored-by: maxlerebourg <maxlerebourg@gmail.com>
Co-authored-by: max.lerebourg <max.lerebourg@monisnap.com>
 2024-04-04 07:26:30 +02:00
mathieuHa
615e7ccf69 Add ban html template (#142) 
*  Add ban html template

* 📝 Add doc for custom ban page

* 🍱 fix Mathieu work

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

* 🍱 fix lint

---------

Co-authored-by: Max Lerebourg <maxlerebourg@gmail.com>
 2024-04-03 17:58:18 +02:00