how do I use the BOUNCER_KEY_<name>=<key> ?
As outlined in the docu:
With TLS authentication: Bouncers are automatically registered and don't need an API key. The bouncers' names are derived from the IP address from which they connect.So my question, do I still need to define it in docker-compose somewhere? Is there an option to add the bouncer without cscli?
9 Replies
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type
/unresolve© Created By WhyAydan for CrowdSec ❤️
The
BOUNCER_KEY_XXX env var is to automatically add the bouncer in the LAPI DB on startup
If you are using TLS authentication (https://docs.crowdsec.net/docs/next/local_api/tls_auth/), you don't need to configure anything, the bouncer will be automatically created in the DB on 1st connectionDocumentation | CrowdSec
CrowdSec, the open-source & participative IPS
@blotus thank you!
So if I use a bouncer without TLS, first of all, I have to add it manually and then enter the key inside docker compose?
just adding the key to the compose file is enough, it will be inserted in the database if the bouncer does not exist yet
GitHub
crowdsec/docker at master · crowdsecurity/crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI. - crowdsecurity/crowdsec
What is the recommended way to generate the key?
Can I just use anything like '1234' or should this key follow certain rules?
And @blotus thanks for your replies.
i'd need to look at the code, but IIRC it needs to be at least 32 chars
use something like
pwgen to generate a random string and that would be enoughWould have been nice to have it mentioned in the docu somewhere.
@blotus Thanks a lot!
Resolving how do I use the BOUNCERKEY<name>=<key> ?
This has now been resolved. If you think this is a mistake please run
/unresolve