Traefik, Bouncer plugin and firewall bouncer issues
Hi, I have been trying for a while and I cannot figure out where I am going wrong.
I am running Traefik in a container with docker compose, and I wanted to add CrowdSec to it. It was working when I fiddled with some options, but I am not 100% sure why and when. I cannot get the firewall bouncer to work at all, and I seem to have lost the ability to get the Traefik bouncer plugin to work now as well; I am getting 403s everywhere.
I am attaching all my config files/logs.
I am sort of new to this so I'd appreciate any explanations, here to learn.
I compressed to zip cause there is like 12 files and you can only upload 1 by 1 on here. I can upload 1 by 1 if need be.
When I remove the crowdsec traefik bouncer from middlewares, everything works as expected.
I am running Ubuntu Server.
6 Replies
Important Information
Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please run the command
/resolve
or press the green resolve button below.
Log Files
If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.
Guide Followed (CrowdSec Official)
If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.
Screenshots
Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.
© Created By WhyAydan for CrowdSec ❤️
For crowdsec + bouncer I followed the official docs and some forum issues I found for the setup.
Same for troubleshooting.
I think what works now to get things running is adding my public IP to forwardedHeadersTrustedIPs. Not a great solution and probably should not be done.
For the firewall I tried all the usual troubleshooting, regenerating the key, making sure they all match, but I think the LAPI host might be wrong?
I get these logs:
and it does not even run anymore
So with Traefik remediation it communicates over the docker network, which means the port you get by using:
is wrong, since that is the port on the HOST, not the port within the container network, so that can be hardcoded to
crowdsec:8080
but then again your compose doesn't match your config.yaml,
as your port mapping points 8095:8080
but inside your config.yaml
you're listening on
listen_uri: 0.0.0.0:8095
so I take back the first comment, leave that as is; the issue is that your port mapping is going to a port not being listened on by the container.
you need to update this:
to
Of course. How could I have missed that. Thanks a lot, that solved most of my problems. The decisions seem to have been correctly updated for both judging by the logs.
I still get a 403 with these logs.
your port is not in the log
http://crowdsec:/v1/decisions/stream?
I guess ENV
is not working as expected?
Yup, I was not passing it in the environmental variables in the compose. Okay, this fixed all my problems. Thank you, you are a gentleman and a scholar, all that's left is some reading material recommendations so I can one day be as good at knowing things as you 🙂
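The two mismatches found in this thread, written as a consistency check. This is an added example, not part of anyone's post and not CrowdSec or Traefik tooling; the function names and the "fixed" sample values are assumptions, while the "before" values are the ones quoted above.

```python
from urllib.parse import urlsplit


def split_mapping(mapping):
    """Split a compose short-syntax ports entry such as '8095:8080' or
    '127.0.0.1:8095:8080/tcp' into (host_port, container_port)."""
    fields = mapping.split("/")[0].split(":")
    if len(fields) < 2:
        raise ValueError(f"expected HOST:CONTAINER in {mapping!r}")
    return int(fields[-2]), int(fields[-1])


def url_port(url):
    """Explicit port in url, or None when it is absent or empty,
    as in 'http://crowdsec:/v1/decisions/stream?'."""
    try:
        return urlsplit(url).port
    except ValueError:  # raised for an empty or non-numeric port
        return None


def check_lapi_wiring(mapping, listen_uri, network_url):
    """Return a list of problems; an empty list means the three values agree.

    mapping     -- ports entry of the crowdsec service in the compose file
    listen_uri  -- listen_uri from CrowdSec's config.yaml
    network_url -- LAPI URL a bouncer on the same docker network requests
    """
    problems = []
    _host_port, container_port = split_mapping(mapping)
    listen_port = int(listen_uri.rsplit(":", 1)[1])
    # The container side of the mapping must be the port LAPI listens on.
    if container_port != listen_port:
        problems.append(f"{mapping} forwards to container port "
                        f"{container_port}, but LAPI listens on {listen_port}")
    # Inside the docker network the bouncer talks to the listening port
    # directly; the host-published port does not apply there.
    port = url_port(network_url)
    if port is None:
        problems.append(f"{network_url} has no port; check that the variable "
                        f"supplying it is passed in the compose environment")
    elif port != listen_port:
        problems.append(f"{network_url} uses port {port}, "
                        f"but LAPI listens on {listen_port}")
    return problems


if __name__ == "__main__":
    # Values quoted in the thread before the fixes.
    for p in check_lapi_wiring("8095:8080", "0.0.0.0:8095",
                               "http://crowdsec:/v1/decisions/stream?"):
        print("PROBLEM:", p)
```
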