C
CrowdSec4mo ago
Tobi

Deploy CrowdSec in agent mode with docker-compose

What's the correct setup and configuration for deploying crowdsec in agent mode (so with a LAPI on a remote server) with docker-compose? Here's a very basic example of the docker-compose file I'm using: 
services:
  crowdsec:
    environment:
      COLLECTIONS: crowdsecurity/linux
      DISABLE_LOCAL_API: true
      GID: 1000
      LOCAL_API_URL: http://192.168.0.1:8080/
    image: crowdsecurity/crowdsec:latest
    restart: always
    volumes:
      - ./acquis.yaml:/etc/crowdsec/acquis.yaml
      - db:/var/lib/crowdsec/data/
      - config:/etc/crowdsec/
      - /etc/localtime:/etc/localtime:ro
      # Allow reading host logs      
      - /var/log:/var/log:ro
volumes:
  config:
  db:
services:
  crowdsec:
    environment:
      COLLECTIONS: crowdsecurity/linux
      DISABLE_LOCAL_API: true
      GID: 1000
      LOCAL_API_URL: http://192.168.0.1:8080/
    image: crowdsecurity/crowdsec:latest
    restart: always
    volumes:
      - ./acquis.yaml:/etc/crowdsec/acquis.yaml
      - db:/var/lib/crowdsec/data/
      - config:/etc/crowdsec/
      - /etc/localtime:/etc/localtime:ro
      # Allow reading host logs      
      - /var/log:/var/log:ro
volumes:
  config:
  db:
However, I'm just running into the error crowdsec init: while initializing LAPIClient: authenticate watcher (): API error: ent: machine not found. According to https://docs.crowdsec.net/u/troubleshooting/security_engine/#cannot-authenticate-to-the-local-api this means I need to regenerate this machine's credentials for the LAPI instance. Going by https://www.crowdsec.net/blog/multi-server-setup this probably means that I'd need to either execute cscli lapi register -u http://192.168.0.1:8080/ in the container (which I can't do as the container is just constantly restarting as it can't connect) or use cscli machines add --auto > somefile.yaml and juggle that file around. Is there any better way to have a CrowdSec instance register with the LAPI server once, if it has no credentials configured?
Setting up A Multi-Server Security Engine Installation
Learn how to deploy multiple Security Engines in a multi-server setup with one of the servers configured to store and share the collected signals.
1 Reply
CrowdSec
CrowdSec4mo ago
Important Information
Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command /resolve or press the green resolve button below.
Log Files
If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.
Guide Followed (CrowdSec Official)
If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.
Screenshots
Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.
© Created By WhyAydan for CrowdSec ❤️

Did you find this page helpful?