I'm not sure the Cloudflare bouncer is working correctly here.
The bouncer log shows:
time="26-01-2023 21:45:04" level=fatal msg="LAPI can't be reached"
But the CrowdSec log shows that /v1/decisions/stream returned 200.
Here is my config:
###############################################
#### Crowdsec #####
###############################################
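# CrowdSec agent and Local API (LAPI). This is one entry of the compose file's
# `services:` mapping (the parent key is not part of the post). The nesting
# below is restored from the Compose schema, since the paste lost its
# indentation and would otherwise read as a flat mapping with repeated keys.
crowdsec:
  # `latest` is a mutable tag: a restart or re-pull can silently change the
  # code that parses your logs. Prefer a release tag or image digest that you
  # have reviewed, and upgrade deliberately.
  image: crowdsecurity/crowdsec:latest
  container_name: crowdsec
  restart: unless-stopped
  environment:
    GID: "${GID-1000}"
    # Collections (parsers + scenarios) to install, i.e. which kinds of logs
    # from the other containers get analysed.
    COLLECTIONS: "crowdsecurity/linux crowdsecurity/linux-lpe crowdsecurity/traefik crowdsecurity/sshd crowdsecurity/base-http-scenarios crowdsecurity/http-cve"
  depends_on:
    - traefik
  ports:
    # LAPI is published on the host's loopback only, so it is not exposed to
    # the LAN or internet. Containers on the `proxy` network reach it as
    # crowdsec:8080 and do not use this published port. Quoted so the mapping
    # is always read as a string.
    - "127.0.0.1:8080:8080"
  volumes:
    - ./crowdsec-data/config/acquis.yaml:/etc/crowdsec/acquis.yaml
    - ./crowdsec-data/config/db:/var/lib/crowdsec/data/
    - ./crowdsec-data/config/config:/etc/crowdsec/
    # `:ro` only makes the socket *file* mount read-only. Any process that can
    # open the socket can still send arbitrary Docker API requests, which is
    # equivalent to root on the host. Keep this mount only if acquis.yaml
    # really uses the Docker data source, and consider putting a socket proxy
    # in front of it that allows only the read endpoints needed for logs.
    - /var/run/docker.sock:/var/run/docker.sock:ro
    # Host logs, read-only: the agent only needs to read them.
    - /var/log/:/var/log/:ro
  networks:
    - proxy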
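# Cloudflare bouncer: pulls decisions from the CrowdSec LAPI and pushes them
# to Cloudflare. One entry of the compose file's `services:` mapping; nesting
# restored from the Compose schema because the paste lost its indentation.
bouncer-cloudflare:
  # `latest` is a mutable tag; this container holds a Cloudflare API token,
  # so prefer a reviewed release tag or digest.
  image: crowdsecurity/cloudflare-bouncer:latest
  container_name: proxy-bouncer-cloudflare
  restart: always
  networks:
    - proxy
  depends_on:
    # Short-form depends_on only orders container start; it does not wait for
    # the LAPI to accept connections. A bouncer that starts first could log a
    # fatal "LAPI can't be reached", exit, and be restarted by
    # `restart: always` -- possibly what the log line in the post shows
    # (unconfirmed). A healthcheck on the crowdsec service combined with
    # `condition: service_healthy` removes that startup race.
    - crowdsec
  volumes:
    # This file contains the LAPI key and the Cloudflare API token. Keep it
    # out of version control and readable only by the user running Docker.
    # If the bouncer never writes to it, the mount could also be made `:ro`
    # (verify first).
    - ./crowdsec-data/bouncer/cloudflare/cfg.yaml:/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml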
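# CrowdSec Config
# From here on this is the bouncer's own config file (the cfg.yaml that the
# compose service mounts as
# /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml), not compose syntax.

# Plain HTTP: the API key below crosses the shared `proxy` Docker network
# unencrypted. That is acceptable only while every container on that network
# is trusted; otherwise enable TLS on the LAPI.
crowdsec_lapi_url: http://crowdsec:8080/
# Generate with:
#   docker exec crowdsec cscli -oraw bouncers add cloudflare-bouncer
# Value redacted in the post. It is quoted here because a plain scalar that
# begins with `*` is parsed as a YAML alias, not as a string.
crowdsec_lapi_key: "********************************"
crowdsec_update_frequency: 10s
# Ignore IPs banned by scenarios whose name contains none of the provided
# words, e.g. ["ssh", "http"].
include_scenarios_containing: []
# Ignore IPs banned by scenarios whose name contains any of the provided words.
exclude_scenarios_containing: []
# Only include IPs banned by decisions originating from the provided sources,
# e.g. ["cscli", "crowdsec"].
only_include_decisions_from: []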
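# Cloudflare Config.
# NOTE(review): the paste lost its indentation; the nesting below is
# reconstructed from the key names. Compare it with the bouncer's reference
# config before use.
cloudflare_config:
  accounts:
    # id, token and zone_id are blank in the post (presumably redacted). A
    # bare `key:` is null in YAML, so all three must be filled in for real use.
    - id:
      # Cloudflare API token: scope it to the accounts/zones and permissions
      # the bouncer needs, so a leaked config file cannot be used against
      # unrelated Cloudflare settings.
      token:
      ip_list_prefix: crowdsec
      # Valid choices: challenge, js_challenge, block.
      default_action: block
      # Only this many of the latest IP-scoped decisions are kept.
      total_ip_list_capacity: 10000
      zones:
        - actions:
            # Valid choices: challenge, js_challenge, block.
            - block
          zone_id:
  # How often the Cloudflare IP list is updated.
  update_frequency: 30s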
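# Bouncer
daemon: true
log_mode: file
# Path inside the bouncer container. The compose service in the post mounts
# only the config file, so these logs are not persisted on the host unless a
# volume is added for this directory.
log_dir: /var/log/
# Valid choices: debug, info, error. debug is useful while diagnosing the
# LAPI connection; return to info afterwards to keep log volume down.
log_level: debug
log_max_size: 40
log_max_age: 30
log_max_backups: 3
compress_logs: true
prometheus:
  enabled: false
  # Loopback-only listener, left commented out while metrics are disabled.
  # listen_addr: 127.0.0.1
  # listen_port: 2112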