Hello, I have a Crowdsec main server local that runs on an LXC container Proxmox Debian 12 and then I have other servers that are connected to the main server.
I have the problem that after a Proxmox restart my servers always have no heartbeat except for the main server (192.168.177.xx local api).
Does anyone know where the error is?
If I delete the machine and create it again (sudo cscli machines validate) then it shows me a heartbeat but only until I restart again, after which there is no more heartbeat.
On the LXC are you persisting the /etc/crowdsec directory, this is where the configuration files are held and if they are not persisted after a reboot it will wipe them.
Hello, thank you very much. I don’t understand exactly what I have to do. Can the main server on which the local API runs not start or do I have to store the folder on an external storage device such as a NAS?
etc in Mainserver my local api:
etc in Server:
Hi have you any Idea ? If I Reboot the files are not wiped.
Update: I Got this Error on all Server who not work after Reboot:
systemctl status crowdsec
Aug 27 00:55:46 AdGuard systemd[1]: Starting crowdsec.service - Crowdsec agent…
Aug 27 00:55:46 AdGuard crowdsec[151]: time=“2024-08-27T00:55:46+02:00” level=fatal msg=“unable to start crowdsec routines:authenticate watcher (da7db0d5e1f14d77a2dded5aef8843b3tHRUQic3GdGrfqv): Post"http://192.168.178.xx:xxxx/v1/watchers/login": performing jwt auth: dial tcp 192.168.178.xx:xxxx: connect: connection refused”
Aug 27 00:55:46 AdGuard systemd[1]: crowdsec.service: Control process exited, code=exited, status=1/FAILURE
Aug 27 00:55:46 AdGuard systemd[1]: crowdsec.service: Failed with result ‘exit-code’.
Aug 27 00:55:46 AdGuard systemd[1]: Failed to start crowdsec.service - Crowdsec agent.
When i try
sudo systemctl restart crowdsec
all works fine.
So from the last error from AdGuard maybe your lxc’s are coming up in an order when one is reliant on another and because the main LAPI is not coming up first the rest fail.
Hi thanks,
i tryed this in the crowdsec.service of my main Lapi (CrowdSec Main Server)
[Unit]
Description=Crowdsec agent
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=notify
Environment=LC_ALL=C LANG=C
PIDFile=/var/run/crowdsec.pid
ExecStartPre=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml -t
ExecStart=/usr/bin/crowdsec -c /etc/crowdsec/config.yaml -no-api
#ExecStartPost=/bin/sleep 0.1
ExecReload=/bin/kill -HUP $MAINPID
Restart=on-failure
RestartSec=5s
[Install]
WantedBy=multi-user.target
I added:
Restart=on-failure
RestartSec=5s
and now it Works fine. Is this a good Solution ?
