From 0861b707bd96150764e762d1a94b41ca8b141318 Mon Sep 17 00:00:00 2001 From: LRVT <21357789+l4rm4nd@users.noreply.github.com> Date: Tue, 22 Oct 2024 02:31:44 +0200 Subject: [PATCH] chore: add crowdsec bouncer --- examples/traefik/fileConfig.yml | 52 +++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) diff --git a/examples/traefik/fileConfig.yml b/examples/traefik/fileConfig.yml index 967ba26..44632a2 100644 --- a/examples/traefik/fileConfig.yml +++ b/examples/traefik/fileConfig.yml @@ -91,6 +91,58 @@ http: # - Remote-Name # - Remote-Email + #crowdsec: + # plugin: + # bouncer: + # enabled: true + # updateIntervalSeconds: 60 + # updateMaxFailure: 0 + # defaultDecisionSeconds: 60 + # httpTimeoutSeconds: 10 + # crowdsecMode: live + # crowdsecAppsecFailureBlock: true + # crowdsecAppsecUnreachableBlock: true + # crowdsecLapiKey: $CROWDSEC-BOUNCER-API-TOKEN + # crowdsecLapiHost: crowdsec:8080 + # crowdsecLapiScheme: http + # crowdsecLapiTLSInsecureVerify: false + # crowdsecCapiScenarios: + # - crowdsecurity/traefik + # - crowdsecurity/http-cve + # - crowdsecurity/http-path-traversal-probing + # - crowdsecurity/http-xss-probing + # - crowdsecurity/http-generic-bf + # forwardedHeadersTrustedIPs: + # - 10.0.0.0/8 + # - 172.16.0.0/12 + # - 192.168.0.0/16 + # - 103.21.244.0/22 + # - 103.22.200.0/22 + # - 103.31.4.0/22 + # - 104.16.0.0/13 + # - 104.24.0.0/14 + # - 108.162.192.0/18 + # - 131.0.72.0/22 + # - 141.101.64.0/18 + # - 162.158.0.0/15 + # - 172.64.0.0/13 + # - 173.245.48.0/20 + # - 188.114.96.0/20 + # - 190.93.240.0/20 + # - 197.234.240.0/22 + # - 198.41.128.0/17 + # - 2400:cb00::/32 + # - 2606:4700::/32 + # - 2803:f800::/32 + # - 2405:b500::/32 + # - 2405:8100::/32 + # - 2a06:98c0::/29 + # - 2c0f:f248::/32 + # clientTrustedIPs: + # - 10.0.0.0/8 + # - 172.16.0.0/12 + # - 192.168.0.0/16 + # rate limiting rate-limit: rateLimit: