CrowdSec Docker Setup on TrueNAS SCALE EE with Tailscale + TSDproxy
Hi everyone! I’m running TrueNAS SCALE 24.10.2.3 (Electric Eel) and I’m working on setting up CrowdSec inside a Docker container.
My goals:
Use CrowdSec to protect Vaultwarden and Immich, which are also running in Docker on the same TrueNAS server.
Forward logs (stdout or file-based) from these apps to a shared dataset or volume, and have CrowdSec parse them.
Use a firewall bouncer (also containerized) to mitigate brute-force or intrusion attempts—whether coming from:
Other devices in my Tailscale tailnet, or
LAN clients trying to access services directly, since my server sits behind a local router (which itself connects to the ISP’s main router).
Optionally, parse TSDProxy logs, which handles reverse proxying + Tailscale access.
Current setup:
TrueNAS SCALE 24.10.2.3
Docker containers: Vaultwarden, Immich, TSDProxy
Tailscale installed with subnet routing and exit node
CrowdSec + firewall bouncer planned (in Docker only)
Planning to store logs in a shared directory (e.g. /mnt/POOL/Application/shared-logs/)
My questions:
Is there a working example or recommendation for running CrowdSec in Docker to monitor other containers' logs and use the firewall bouncer effectively whilst using tsdproxy?
Can the firewall bouncer block traffic from Tailscale devices or LAN clients, or does it only work at the container level?
I’ve read the troubleshooting guide, but didn’t find guidance on this kind of setup (TrueNAS SCALE + Tailscale + Docker + CrowdSec bouncer).
Thanks in advance to anyone who has tackled something similar or has tips!
My goals:
Use CrowdSec to protect Vaultwarden and Immich, which are also running in Docker on the same TrueNAS server.
Forward logs (stdout or file-based) from these apps to a shared dataset or volume, and have CrowdSec parse them.
Use a firewall bouncer (also containerized) to mitigate brute-force or intrusion attempts—whether coming from:
Other devices in my Tailscale tailnet, or
LAN clients trying to access services directly, since my server sits behind a local router (which itself connects to the ISP’s main router).
Optionally, parse TSDProxy logs, which handles reverse proxying + Tailscale access.
Current setup:
TrueNAS SCALE 24.10.2.3
Docker containers: Vaultwarden, Immich, TSDProxy
Tailscale installed with subnet routing and exit node
CrowdSec + firewall bouncer planned (in Docker only)
Planning to store logs in a shared directory (e.g. /mnt/POOL/Application/shared-logs/)
My questions:
Is there a working example or recommendation for running CrowdSec in Docker to monitor other containers' logs and use the firewall bouncer effectively whilst using tsdproxy?
Can the firewall bouncer block traffic from Tailscale devices or LAN clients, or does it only work at the container level?
I’ve read the troubleshooting guide, but didn’t find guidance on this kind of setup (TrueNAS SCALE + Tailscale + Docker + CrowdSec bouncer).
Thanks in advance to anyone who has tackled something similar or has tips!
