Compose-Examples/examples/crowdsec/docker-compose.yml

35 lines
1.3 KiB
YAML
Raw Normal View History

2024-10-22 00:39:08 +00:00
services:
crowdsec:
2024-11-28 08:54:50 +00:00
image: crowdsecurity/crowdsec:v1.6.4
2024-10-22 00:39:08 +00:00
container_name: crowdsec
restart: unless-stopped
ports:
- 127.0.0.1:9876:8080 # http api for local fw bouncers
- 127.0.0.1:6060:6060 # metrics endpoint for prometheus
2024-10-22 00:39:08 +00:00
expose:
2024-10-27 12:04:24 +00:00
- 8080 # http api for bouncers
- 6060 # metrics endpoint for prometheus
- 7422 # appsec waf endpoint
2024-10-22 00:39:08 +00:00
volumes:
2024-10-22 13:24:44 +00:00
# crowdsec container data
2024-10-22 00:39:08 +00:00
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/crowdsec/data:/var/lib/crowdsec/data
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/crowdsec/etc:/etc/crowdsec
2024-10-22 13:24:44 +00:00
# log bind mounts into crowdsec
2024-10-25 13:28:09 +00:00
- /var/log/auth.log:/var/log/auth.log:ro
- /var/log/syslog:/var/log/syslog:ro
2024-10-22 00:39:08 +00:00
- ${DOCKER_VOLUME_STORAGE:-/mnt/docker-volumes}/traefik/logs:/var/log/traefik:ro
environment:
2024-10-22 13:06:14 +00:00
- GID=1000
2024-12-05 16:08:02 +00:00
- COLLECTIONS=crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/base-http-scenarios crowdsecurity/sshd crowdsecurity/linux crowdsecurity/appsec-crs crowdsecurity/appsec-generic-rules crowdsecurity/appsec-virtual-patching
2024-10-27 01:28:02 +00:00
#- BOUNCER_KEY_<NAME>=${CROWDSEC-BOUNCER-API-TOKEN:-FIXME-LAPI-KEY} # pre-supply a bouncer with api key
2024-10-23 11:24:36 +00:00
#- CUSTOM_HOSTNAME=crowdsec-host123
2024-10-22 13:11:08 +00:00
#security_opt:
# - no-new-privileges=true
2024-10-22 02:18:39 +00:00
#networks:
# - proxy
2024-10-22 00:39:08 +00:00
2024-10-22 02:18:39 +00:00
#networks:
# proxy:
# external: true