ok

2024-04-19 10:27:36 +02:00
parent fcb6bbe566
commit 35c96e715c
7852 changed files with 4815 additions and 8 deletions
--- a/Réseau/Crowdsec/README.md
+++ b/Réseau/Crowdsec/README.md
@ -0,0 +1,30 @@
+![CrowdSec](./img/logo-CrowdSec.png)
+
+# CrowdSec
+
+
+# Installation
+
+Pour utiliser CrowdSec tout seul
+```bash
+docker compose up -d
+```
+
+Pour utiliser CrowdSec avec Traefik
+```bash
+docker compose -f docker-compose-traefik.yml up -d
+```
+
+Pour utiliser CrowdSec avec Nginx
+```bash
+docker compose -f docker-compose-nginx.yml up -d
+```
+# Utilisation
+
+## Accueil
+
+# More info
+- more information on the website [Tips-Of-Mine](https://www.tips-of-mine.fr/)
+
+# Buy me a coffe
+<a href='https://ko-fi.com/R5R2KNI3N' target='_blank'><img height='36' style='border:0px;height:36px;' src='https://storage.ko-fi.com/cdn/kofi4.png?v=3' border='0' alt='Buy Me a Coffee at ko-fi.com' /></a>
--- a/Réseau/Crowdsec/Traefik/config.yaml
+++ b/Réseau/Crowdsec/Traefik/config.yaml
@ -0,0 +1,6 @@
+http:
+  middlewares:    
+    crowdsec-bouncer:
+      forwardauth:
+        address: http://bouncer-traefik:8080/api/v1/forwardAuth
+        trustForwardHeader: true
--- a/Réseau/Crowdsec/Traefik/traefik.yaml
+++ b/Réseau/Crowdsec/Traefik/traefik.yaml
@ -0,0 +1,41 @@
+api:
+  dashboard: true
+  debug: true
+entryPoints:
+  http:
+    address: ":80"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+      redirections:
+        entryPoint:
+          to: https
+          scheme: https
+  https:
+    address: ":443"
+    http:
+      middlewares:
+        - crowdsec-bouncer@file
+serversTransport:
+  insecureSkipVerify: true
+providers:
+  docker:
+    endpoint: "unix:///var/run/docker.sock"
+    exposedByDefault: false
+  file:
+    filename: /config.yml
+certificatesResolvers:
+  cloudflare:
+    acme:
+      email: your@email.com #add your email
+      storage: acme.json
+      dnsChallenge:
+        provider: cloudflare
+        resolvers:
+          - "1.1.1.1:53"
+          - "1.0.0.1:53"
+log:
+  level: "INFO"
+  filePath: "/var/log/traefik/traefik.log"
+accessLog:
+  filePath: "/var/log/traefik/access.log"
--- a/Réseau/Crowdsec/acquis.yaml
+++ b/Réseau/Crowdsec/acquis.yaml
@ -0,0 +1,4 @@
+filenames:
+  - /var/log/traefik/*
+labels:
+  type: traefik
--- a/Réseau/Crowdsec/docker-compose-traefik.yml
+++ b/Réseau/Crowdsec/docker-compose-traefik.yml
--- a/Réseau/Crowdsec/docker-compose.yml
+++ b/Réseau/Crowdsec/docker-compose.yml
@ -0,0 +1,35 @@
+version: '3.8'
+services:
+  crowdsec:
+    image: crowdsecurity/crowdsec:latest
+    container_name: crowdsec
+    environment:
+      GID: "${GID-1000}"
+      COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik"
+    volumes:
+      - /home/ubuntu/docker/crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
+      - /home/ubuntu/docker/crowdsec/db:/var/lib/crowdsec/data/
+      - /home/ubuntu/docker/crowdsec/config:/etc/crowdsec/
+      - /home/ubuntu/docker/traefik/logs:/var/log/traefik/:ro
+    networks:
+      - proxy
+    security_opt:
+      - no-new-privileges:true
+    restart: unless-stopped
+
+  bouncer-traefik:
+    image: docker.io/fbonalair/traefik-crowdsec-bouncer:latest
+    container_name: bouncer-traefik
+    environment:
+      CROWDSEC_BOUNCER_API_KEY: create_a_random_api_key
+      CROWDSEC_AGENT_HOST: crowdsec:8080
+    networks:
+      - proxy
+    depends_on:
+      - crowdsec
+    restart: unless-stopped
+    security_opt:
+      - no-new-privileges:true
+networks:
+  proxy:
+    external: true
--- a/Réseau/Crowdsec/img/logo-CrowdSec.png
+++ b/Réseau/Crowdsec/img/logo-CrowdSec.png