CrowdSec
ΠΠ°Π·Π°Π΄:: ΡΠΏΠΈΡΠΎΠΊ ΡΠ°Π±Π»ΠΎΠ½ΠΎΠ²
ΠΡΠ΅Π΄Π½Π°Π·Π½Π°ΡΠ΅Π½ Π΄Π»Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΡ Π² ΡΠ²ΡΠ·ΠΊΠ΅ Ρ Traefik
ΠΠ»Ρ ΠΏΠΎΠ΄ΠΊΠ»ΡΡΠ΅Π½ΠΈΡ ΠΊ Traefik bouncer Π½Π΅ΠΎΠ±Ρ ΠΎΠ΄ΠΈΠΌΠΎ ΡΠ³Π΅Π½Π΅ΡΠΈΡΠΎΠ²Π°ΡΡ ΡΠΎΠΊΠ΅Π½ ΠΊΠ»ΡΡ ΠΊΠΎΠΌΠ°Π½Π΄ΠΎΠΉ:
docker exec crowdsec cscli bouncers add bouncer-traefik
services:
crowdsec:
image: crowdsecurity/crowdsec:latest
container_name: crowdsec
environment:
GID: "${GID-1000}"
COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik"
volumes:
- ./acquis.yaml:/etc/crowdsec/acquis.yaml
- ./db:/var/lib/crowdsec/data/
- ./config:/etc/crowdsec/
- /home/deniom/docker/traefik/logs:/var/log/traefik/:ro
ports:
Β Β Β - 6060:6060
networks:
- proxy
security_opt:
- no-new-privileges:true
restart: unless-stopped
bouncer-traefik:
image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest
container_name: bouncer-traefik
environment:
CROWDSEC_BOUNCER_API_KEY: <ApiKey>
CROWDSEC_AGENT_HOST: crowdsec:8080
networks:
- proxy
depends_on:
- crowdsec
restart: unless-stopped
security_opt:
- no-new-privileges:true
networks:
proxy:
external: true