Problems installing nginx-bouncer in k3s


some word about my setup. I’m running a k3s with nginx instead of traefik on a Pi 4.

First i’ve installed crowdsec on this machine to secure SSH and it runs like a charm.

Next step is to install crowdsec in my k8s cluster to secure nginx and web access.

So i installed crowdsec like described on this page:

This also works without problems.

Last step is to install ingress bouncer a described here:

The instructions actually lead to a second container being started in addition to the nginx-contoller. However, the script for this container fails.

The error message is:

/ line 63: syntax error: bad substitution

Here’s the yaml for the nginx HELM chart:

    - name: crowdsec-bouncer-plugin
      emptyDir: {}
    - name: init-clone-crowdsec-bouncer
      image: crowdsecurity/lua-bouncer-plugin
      imagePullPolicy: IfNotPresent
        - name: API_URL
          value: "http://crowdsec-service.crowdsec.svc.cluster.local:8080" # crowdsec lapi service-name
        - name: API_KEY
          value: "akeythatnoonemustknow"
        - name: BOUNCER_CONFIG
          value: /crowdsec/crowdsec-bouncer.conf
        - name: BAN_TEMPLATE_PATH
          value: /etc/nginx/lua/plugins/crowdsec/templates/ban.html
          "sh /; mkdir -p /lua_plugins/crowdsec/; cp -R /crowdsec/* /lua_plugins/crowdsec/",
        - name: crowdsec-bouncer-plugin
          mountPath: /lua_plugins
    - name: crowdsec-bouncer-plugin
      mountPath: /etc/nginx/lua/plugins/crowdsec
      subPath: crowdsec
    plugins: "crowdsec"
    lua-shared-dicts: "crowdsec_cache: 50m"
    server-snippet: |
      resolver local=on ipv6=off;

I am at my wit’s end. Does anyone have any idea what I am doing wrong? Is there a conflict between the installation in the cluster and on the machine?

Thank you in advance.

Just to make sure, was this resolved via email support? or are you another user with a super similar issue we had via email?


i could resolve this problem by changing the command into:

          "apk update; apk add bash; bash /; mkdir -p /lua_plugins/crowdsec/; cp -R /crowdsec/* /lua_plugins/crowdsec/",

The reason for this problem seems that the script “” needs a bash.

However, there was no email contact. I solved this alone.

Okay just we had a similar issue via email. Yeah I mark yours as solution as this is the fix we have seen in systems that dont inherit bash as default shell.

1 Like