ENROLL_KEY and Auto-Accept in Crowdsec Console ?
Hey,
Is there a way to have an auto-accept of security engines in CrowdSec Console ? I thought using the ENROLL_KEY would help with that but it looks like I still have to always accept the enrolment online.
Did I miss something ?
Thanks
Yes. I missed basic politeness. Happy New Year everyone π
4 Replies
So the
ENROLL_KEY is simply to allow the console to know which account/organization should to be tied to this engine, auto acceptance is a feature of the enterprise plan.Might be something wrong in my setup. But every time I restart my docker stack I have to accept it again which defeats its purpose.
Will have to recheck my volumes as I assume this is not expected.
Could you confirm where would this be persisted normally ? I assume in /etc/crowdsec but if you know where exactly it could be useful
Will have to recheck my volumes as I assume this is not expected.If you persist the
/etc/crowdsec folder and more specifically the /etc/crowdsec/online_api_credentials.yaml file then this will keep the username/password that is generated for CAPI (this is the username used in the console to know the SE identifier is tied to this account)Perfect. That was indeed my volume (due to overlap in my compose, an oversight on my side).
Thanks !
Ok actually, I did that in my volumes :
- ./config/crowdsec/online_api_credentials.yaml:/etc/crowdsec/online_api_credentials.yaml
And the file is overwritten with new credentials at each run. Thats' not expected right ?
Ok so I solved it by adding a volume for the whole /etc/crowdsec. So I guess some other dependencies are needed ?