I installed Crowdsec and Crowdsec firewall bouncer on Home Assistant, and it is working great. Thank you for that.
I am using Cloudflare Tunnel for remote access to Home Assistant.
I would like to use the Cloudflare bouncer as a Home Assistant add-on to block on the edge and not HA itself
I forked the add-on repo and created a new add-on cloudflare bouncer add-on based on the cloudflare firewall bouncer add-on.
https:// GitHub - krisbogaerts/home-assistant-addons: Home Assistant Crowdsec Addons
I switched to Debian package installation because of problems with the assisted installs and package versions.
Currently, it installs successfully on arm64 but the LAPI connection fails
time=“02-09-2022 07:35:23” level=fatal msg=“LAPI can’t be reached”
The connectivity itself is working, a telnet to the configured address on port 8080 connects
Manually running crowdsec-cloudflare-bouncer -s from docker also creates the Cloudflare rules
This is the generated config file:
include_scenarios_containing: # ignore IPs banned for triggering scenarios not containing either of provided word, eg [“ssh”, “http”]
exclude_scenarios_containing: # ignore IPs banned for triggering scenarios containing either of provided word
only_include_decisions_from: # only include IPs banned due to decisions orginating from provided sources. eg value [“cscli”, “crowdsec”]
total_ip_list_capacity: # only this many latest ip scoped decisions would be kept
- managed_challenge # valid choices are either of managed_challenge, js_challenge, block
update_frequency: 30s # the frequency to update the cloudflare IP list
log_level: info # valid choices are either debug, info, error
Trying to understand why it does not use the LAPI URL from the config file?
root@8ceb5262-crowdsec-cloudflare-bouncer:/# crowdsec-cloudflare-bouncer -c /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
time=“02-09-2022 07:49:30” level=fatal msg=“LAPI can’t be reached”