Hi all,
I’ve seen there is a docker with Nginx Proxy Manager and CrowdSec, but I’m currently running NPM within a LXC container.
Is there a way to get CrowdSec installed with this config and also have it do blocking?
For what it’s worth I am using CloudFlare as to host my domain.
If this is possible, is there any step by step guides for a total n00b.
LXC is an OS container. You can use it like any OS. Go into the container shell and install crowdsec.
Thank you.
I got it installed and a bouncer.
I see a load going on in Remediation Metrics, but no alerts, and if I do cscli decision list there is never anything blocked.
Either my Nginx is super lucky or I didn’t complete something to do the actual blocking?
I tried brute SSH in as well and there was nothing flagged in the crowdsec logs.
Do you have any idea what I missed?
Most likely since its in a container it most likely couldnt automatically setup the logs acquisitions, best to walk through the post installation guide:
So we see the error.log but where are the typical access.log? this is probably what is missing
I just added the access.log from the same nginx directory but its empty…
You should check around, as NPM most likely is changing where the logs end up, but I dont use it so got no idea.
volumes:
- ./data:/data
we use in our examples so most likely within /data/
Ok I think I got it.
Nginx was logging to /data/logs/fallback_access.log and fallback_error.log
I added these 2 to the ‘acquis.yaml’ file.
Restarted and now I see a ton of blocks in the decision list -a
So think its working now. Just wondering if they will show up in the Alerts tab within the CrowdSec hub?
Ironically now my ‘metrics show acquisitions’ is now empty?
Hi, is it working as expected? I get the same everytime I try, and not sure if it is fully functional then.