mirror of
https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin.git
synced 2025-11-08 15:15:05 +01:00
c29d8a20d3
* 📝 Add documentation exemple 4 for vm binary usage * :hammer:Update binary version * 🔨 update * 🔨 update * 🚧 Working Crowdsec with tls auth * 🐛 Add changes to download the plugin from the service * 🔧 Add config middle for https * 🔧 Update config for the exemple * 🔧 Add conf for certs, working example * 📝 Add doc for binary vm Readme * 📝 update documentation for exemple and make * 🚨 Fix lint * 🚨 Fix Lint End of File
63 lines
1.8 KiB
YAML
63 lines
1.8 KiB
YAML
common:
|
|
daemonize: true
|
|
pid_dir: /var/run/
|
|
log_media: file
|
|
log_level: debug
|
|
log_dir: /var/log/
|
|
log_max_size: 20
|
|
compress_logs: true
|
|
log_max_files: 10
|
|
working_dir: .
|
|
config_paths:
|
|
config_dir: /etc/crowdsec/
|
|
data_dir: /var/lib/crowdsec/data/
|
|
simulation_path: /etc/crowdsec/simulation.yaml
|
|
hub_dir: /etc/crowdsec/hub/
|
|
index_path: /etc/crowdsec/hub/.index.json
|
|
notification_dir: /etc/crowdsec/notifications/
|
|
plugin_dir: /usr/lib/crowdsec/plugins/
|
|
crowdsec_service:
|
|
acquisition_path: /etc/crowdsec/acquis.yaml
|
|
acquisition_dir: /etc/crowdsec/acquis.d
|
|
parser_routines: 1
|
|
cscli:
|
|
output: human
|
|
color: auto
|
|
db_config:
|
|
log_level: info
|
|
type: sqlite
|
|
db_path: /var/lib/crowdsec/data/crowdsec.db
|
|
#max_open_conns: 100
|
|
#user:
|
|
#password:
|
|
#db_name:
|
|
#host:
|
|
#port:
|
|
flush:
|
|
max_items: 5000
|
|
max_age: 7d
|
|
plugin_config:
|
|
user: nobody # plugin process would be ran on behalf of this user
|
|
group: nogroup # plugin process would be ran on behalf of this group
|
|
api:
|
|
client:
|
|
insecure_skip_verify: false
|
|
credentials_path: /etc/crowdsec/local_api_credentials.yaml
|
|
server:
|
|
log_level: debug
|
|
listen_uri: 127.0.0.1:8080
|
|
profiles_path: /etc/crowdsec/profiles.yaml
|
|
console_path: /etc/crowdsec/console.yaml
|
|
online_client: # Central API credentials (to push signals and receive bad IPs)
|
|
credentials_path: /etc/crowdsec/online_api_credentials.yaml
|
|
trusted_ips: # IP ranges, or IPs which can have admin API access
|
|
- 127.0.0.1
|
|
tls:
|
|
cert_file: /etc/crowdsec/certs/server.pem #Server side cert
|
|
key_file: /etc/crowdsec/certs/server-key.pem #Server side key
|
|
ca_cert_path: /etc/crowdsec/certs/inter.pem #CA used to verify the client certs
|
|
bouncers_allowed_ou: #OU allowed for bouncers
|
|
- bouncer-ou
|
|
agents_allowed_ou: #OU allowed for agents
|
|
- agent-ou
|