Bouncer not found?

crowdsec
1

Hello,
I had traefik, crowdsec and the bouncer working for many months until few days ago (few updates have been done and I didn’t check any logs when done).
All these docker are done using portainer. In proxmox/portainer all three dockers are in the same docker network.
But:

root@proxmox-ve:/mnt/user/appdata/docker# curl http://crowdsec:8080
curl: (6) Could not resolve host: crowdsec

My crowdsec config

version: "3.4"
services:
  crowdsec:
    image: crowdsecurity/crowdsec:latest
    container_name: crowdsec
    expose:
      - 8088
    environment:
      GID: "${GID-1000}"
      COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik crowdsecurity/http-cve"
      TZ: "Europe/eeee"
    volumes:
      - /mnt/user/appdata/docker/crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
      - /mnt/user/appdata/docker/crowdsec/data:/var/lib/crowdsec/data/
      - /mnt/user/appdata/docker/crowdsec:/etc/crowdsec/
      - /var/log/crowdsec/:/var/log/crowdsec/
    networks:
      - mynetwork
    restart: unless-stopped

  bouncer-traefik:
    image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest
    container_name: bouncer-traefik
    environment:
      CROWDSEC_BOUNCER_API_KEY: Xxxxxxxxxxxxxhg
      CROWDSEC_AGENT_HOST: crowdsec:8080
      GIN_MODE: release
    networks:
      - mynetwork # same network as traefik + crowdsec
    depends_on:
      - crowdsec
    restart: unless-stopped
networks:
  mynetwork:
    external: true

The error message I have:

time="2024-03-24T15:10:31Z" level=error msg="UnmarshalJSON : invalid character 'i' in literal true (expecting 'r')" line="time=\"2024-03-24T17:10:31+02:00\" level=error msg=\"middleware \\\"crowdsec-bouncer@file\\\" does not exist\" routerName=traefik-secure@docker entryPointName=https"
time="2024-03-24T15:10:31Z" level=warning msg="failed to run filter : invalid character 'i' in literal true (expecting 'r') (1:1)\n | UnmarshalJSON(evt.Parsed.message, evt.Unmarshaled, \"traefik\") in [\"\", nil]\n | ^" id=wild-glade name=child-crowdsecurity/traefik-logs stage=s01-parse
time="2024-03-24T15:10:54Z" level=info msg="127.0.0.1 - [Sun, 24 Mar 2024 15:10:54 UTC] \"GET /v1/heartbeat HTTP/1.1 200 125.03273ms \"crowdsec/v1.6.0-4192af30\" \""
time="2024-03-24T15:11:54Z" level=info msg="127.0.0.1 - [Sun, 24 Mar 2024 15:11:54 UTC] \"GET /v1/heartbeat HTTP/1.1 200 58.943696ms \"crowdsec/v1.6.0-4192af30\" \""

When trying to have access from outside to my webserver, I do have an error message like “Forbidden” and these error messages:

time="2024-03-24T15:13:38Z" level=error msg="while fetching bouncer info: ent: bouncer not found" ip=172.18.0.2
time="2024-03-24T15:13:38Z" level=info msg="172.18.0.2 - [Sun, 24 Mar 2024 15:13:38 UTC] \"GET /v1/decisions?type=ban&ip=162.158.87.52 HTTP/1.1 403 551.294µs \"Go-http-client/1.1\" \""
time="2024-03-24T15:13:39Z" level=error msg="while fetching bouncer info: ent: bouncer not found" ip=172.18.0.2
time="2024-03-24T15:13:39Z" level=info msg="172.18.0.2 - [Sun, 24 Mar 2024 15:13:39 UTC] \"GET /v1/decisions?type=ban&ip=162.158.86.151 HTTP/1.1 403 661.961µs \"Go-http-client/1.1\" \""
time="2024-03-24T15:13:54Z" level=info msg="127.0.0.1 - [Sun, 24 Mar 2024 15:13:54 UTC] \"GET /v1/heartbeat HTTP/1.1 200 71.65925ms \"crowdsec/v1.6.0-4192af30\" \""

Ideas ?
Thx

2

Hi,
I have found the problem I had.
I have to regenerate the API key, my mistake.
Thx anyway.

1 Like
3

Thanks!
I’ve just had the same issue after uprgading crowdsec in a kubernetes environment. Re-generating the lapi key was needed for me too.