mirror of
https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin.git
synced 2025-11-08 15:15:05 +01:00
c29d8a20d3
* 📝 Add documentation exemple 4 for vm binary usage * :hammer:Update binary version * 🔨 update * 🔨 update * 🚧 Working Crowdsec with tls auth * 🐛 Add changes to download the plugin from the service * 🔧 Add config middle for https * 🔧 Update config for the exemple * 🔧 Add conf for certs, working example * 📝 Add doc for binary vm Readme * 📝 update documentation for exemple and make * 🚨 Fix lint * 🚨 Fix Lint End of File
1.5 KiB
1.5 KiB
Install vagrant
On linux
curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.asc
echo "deb [ signed-by=/usr/share/keyrings/hashicorp-archive-keyring.asc ] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install vagrant
Install libvirt
sudo apt install -y qemu-kvm virt-manager libvirt-daemon-system virtinst libvirt-clients bridge-utils
sudo systemctl enable --now libvirtd
sudo systemctl start libvirtd
sudo usermod -aG kvm $USER
sudo usermod -aG libvirt $USER
Install the plugin vagrant-libvirt
vagrant plugin install vagrant-libvirt
Start the VM
sudo vagrant up --provider=libvirt
Destroy the VM
sudo vagrant destroy -f
SSH in the VM
sudo vagrant ssh
Context
Traefik is installed as a systemd service. It is configured with the dashboard activated and listening on port 8081 and port 80 for the web
Crowdsec is started and listening on port 8080. Certificates are generated on the provision step of vagrant.
Whoami is installed as a systemd service. It is configured to listen on port 9000.
Whoami is accessible from traefik on port 80 at any domain and path
For example: curl http://localhost:80/test
The Plugin / Bouncer use certificates to validate the server certificates and authenticates with the Crowdsec local api.