Migrating LAPI from Docker to OPNsense

I am wanting to migrate my LAPI from Unraid, running as a Docker container, to my OPNsense box. Currently I have the LAPI running on Docker, and it is connected to the NPMPlus nginx container with its bouncer and also linked to my OPNsense firewall as a bouncer. I also registered the OPNsense CrowdSec instance as a machine on the Docker LAPI. The issue is, whenever the Unraid server is down I cannot manage my blocklists/decisions, for obvious reasons. I have not attempted the migration yet, as I want to make sure I have the right idea before blowing everything up.

1. First I would enable the LAPI on OPNsense, generate a bouncer API key, add it to the firewall bouncer YAML and set it to talk to localhost vs. the Unraid IP. Do the same for the NPMPlus bouncer. Also migrate the whitelist I made for my internal subnets. Link the new instance to my CrowdSec account.
2. On Unraid, disable the LAPI in the Unraid Docker container and join the machine to the OPNsense LAPI.

Am I thinking this through correctly? Is there anything obvious I am missing? Can I keep the Unraid-specific custom whitelists on the Unraid instance of CrowdSec, or do I need to move those over to the OPNsense box as well? Do I need to add all my collections that are on the Unraid instance to the OPNsense one once it's running the LAPI instead?
Willpower (OP), 4mo ago
I'd like to add that my OPNsense box has an i5-8500T and 8 GB of RAM. I do not expect horsepower to be an issue. Is this change recommended, or is it best to keep it the way it is?
j0nny54l1v3, 4mo ago
In short, yes, your steps seem to cover all the bases. Make sure you use a "config.yaml.local" as your 'gets to stay around' config, as any changes to "/usr/local/etc/crowdsec/config.yaml" will change on update or GUI re-configuration.
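
A configuration sketch of the migration discussed above, added here as an example and not posted by anyone in the thread. The address 192.168.1.1, the port, and all credentials are constructed placeholders; the key names (`api.server.enable`, `api.server.listen_uri`, `api_url`, `api_key`, `url`, `login`, `password`) are standard CrowdSec settings.

```yaml
# --- OPNsense: /usr/local/etc/crowdsec/config.yaml.local ---
# Overrides live here so an update or GUI re-configuration of config.yaml
# does not discard them. List only the keys being changed.
api:
  server:
    enable: true
    # Constructed LAN address. The default 127.0.0.1:8080 is unreachable for
    # the Unraid agent and the NPMPlus bouncer. Bind to the internal
    # interface only, and keep the port closed on WAN in the firewall rules.
    listen_uri: 192.168.1.1:8080
---
# --- OPNsense: firewall bouncer YAML ---
# Once listen_uri is bound to the LAN address, "localhost" no longer answers,
# so the local bouncer must use the same address as the remote clients.
# The url in the local agent's local_api_credentials.yaml has to match too.
api_url: http://192.168.1.1:8080/
api_key: "<BOUNCER_KEY_GENERATED_ON_NEW_LAPI>"   # placeholder
---
# --- Unraid container: config.yaml.local ---
# The agent keeps parsing logs locally; only its LAPI is switched off.
api:
  server:
    enable: false
---
# --- Unraid container: local_api_credentials.yaml ---
# Credentials issued when this machine is registered on the OPNsense LAPI.
url: http://192.168.1.1:8080/
login: "<MACHINE_ID>"            # placeholder
password: "<MACHINE_PASSWORD>"   # placeholder
```

Bouncer keys and machine registrations belong to the LAPI that issued them, so the NPMPlus bouncer and the Unraid agent each need new credentials from the OPNsense instance.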
