nginx-1642508064 v0.0.7 on Ubuntu Server 20.04.3, apt installation with dashboard setup.
tail -f /var/log/crowdsec_lua_bouncer.log repeatedly shows
ERROR Http error timeout while talking to LAPI (http://127.0.0.1:8080/v1/decisions?ip=10.0.0.1)
10.0.0.1 is my router in my 10.0.0.1/24 LAN space. Where is the bouncer pulling that address from, and could that be the problem? No manual decisions from LAPI are enforced, only CAPI.
update:
DEBUG '10.0.0.1' is in cache
Hello,
Is the CrowdSec local API installed on the same machine than the nginx bouncer ?
Thanks for responding.
Yes it is on the same machine. I deleted both machine and bouncer and added them back (with machines validate), but still no go. A weird thing though: nginx-bouncer got the wrong api key in the conf which first lead to 403, but after changing to the correct one and reloading it again repeatedly times out. I can call the lapi from localhost manually with curl and nginx-bouncer key and get valid returns.
sudo cscli lapi status gives:
INFO[02-02-2022 09:53:23 PM] Loaded credentials from /etc/crowdsec/local_api_credentials.yaml
INFO[02-02-2022 09:53:23 PM] Trying to authenticate with username [redacted] on http://127.0.0.1:8080/
INFO[02-02-2022 09:53:23 PM] You can successfully interact with Local API (LAPI)
sudo netstat -tulpn | grep :8080 gives:
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 3703/crowdsec
Hello,
To answer your first question:
10.0.0.1 is my router in my 10.0.0.1/24 LAN space. Where is the bouncer pulling that address from, and could that be the problem?
The NGINX bouncer ask to the local API for this IP because this IP made a HTTP request to your nginx webserver.
Can you please paste the content of /var/log/crowdsec_api.log ?