Migrating LAPI from Docker to Opnsense
I am wanting to migrate my LAPI from Unraid running as a docker to my Opnsense box.
Currently I have the LAPI running on docker and it is connected to the NPMPlus nginx container with its bouncer and also linked to my opnsense firewall as a bouncer. I also registered the opnsense crowdsec instance as a machine on the docker lapi. The issue is, whenever the unraid server is down I cannot manage my blocklists/decisions for obvious reasons.
I have not attempted the migration yet as I want to make sure I have the right idea before blowing everything up.
1. First I would enable the LAPI on opnsense, generate a bouncer api key, add it to the firewall bouncer yaml and set it to talk to local host vs unraid ip. Do the same for the npmplus bouncer. Also migrate the whitelist i made for my internal subnets. Link the new instance to my crowdsec account.
2. On unraid disable the lapi in the unraid docker and join the machine to the opnsense lapi.
Am I thinking this through correctly? is there anything obvious I am missing? Can i keep the unraid specific custom whitelists on the unraid instance of crowdsec or do i need to move those over to the opnsense as well? Do I need to add all my collections that are on the unraid instance to the opnsense one once its running the lapi instead?
Currently I have the LAPI running on docker and it is connected to the NPMPlus nginx container with its bouncer and also linked to my opnsense firewall as a bouncer. I also registered the opnsense crowdsec instance as a machine on the docker lapi. The issue is, whenever the unraid server is down I cannot manage my blocklists/decisions for obvious reasons.
I have not attempted the migration yet as I want to make sure I have the right idea before blowing everything up.
1. First I would enable the LAPI on opnsense, generate a bouncer api key, add it to the firewall bouncer yaml and set it to talk to local host vs unraid ip. Do the same for the npmplus bouncer. Also migrate the whitelist i made for my internal subnets. Link the new instance to my crowdsec account.
2. On unraid disable the lapi in the unraid docker and join the machine to the opnsense lapi.
Am I thinking this through correctly? is there anything obvious I am missing? Can i keep the unraid specific custom whitelists on the unraid instance of crowdsec or do i need to move those over to the opnsense as well? Do I need to add all my collections that are on the unraid instance to the opnsense one once its running the lapi instead?
