NPM / NextCloud Connection

Hello,

I am running into an issue setting up my Nextcloud server and NPM server protected by CrowdSec.

I am hoping to have a setup where repeated failed POST login attempts to public servers would be blacklisted by CrowdSec.

As far as I can tell, I have followed guides to configure the server to be connected with NPM, however I have a hard time determining whether the whitelisting or blacklisting is working.

As for Nextcloud, as soon as I attempt to follow the guide and set up the acquis.yaml file according to this article:
https://app.crowdsec.net/hub/author/crowdsecurity/collections/nextcloud

My crowdsec server crashes abruptly after restart.

I have the collection added to Crowdsec (screenshot)

as well as the parser (screenshot)

But the server repeatedly crashes.

Collections, AppSec Rules & Configurations | CrowdSec Hub

Manage collections, configurations, remediation components, and AppSec rules with CrowdSec Hub. Streamline security with tools and integrations for enhanced protection.

CrowdSec•12/11/25, 5:41 AM

Important Information

Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command

/resolve

/resolve

or press the green resolve button below.

Log Files

If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.

Guide Followed (CrowdSec Official)

If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.

Screenshots

Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.

•

12/11/25, 5:41 AM

_KaszpiR_•12/11/25, 8:06 AM

Check the crowdsec logs why it crashes

Loz•12/11/25, 12:52 PM

You said server crashes, did you mean crowdsec crashes? if server is crashing from a single process then there a deeper issue than just crowdsec

gamgeemooOP•12/11/25, 3:18 PM

Apologies for the lack of clarification- I did mean that just crowdsec was crashing upon boot after enabling the Nextcloud injestion in the acquis.yaml file.

gamgeemooOP•12/11/25, 3:32 PM

The issues only happen when I attempt to actually connect the "nextcloud.log" file to crowdsec. I just ran cscli explain <nextcloud logfile> -type <nextcloud> and it does appear to be working:

gamgeemooOP•12/11/25, 3:32 PM

However, when I attempt to implement this with the acquis.yaml file - crowdsec crashes.

gamgeemooOP•12/11/25, 3:36 PM

It works for Nginx here in the acquis.yaml file. I'm working on trying to find the logs for the crowdsec application to determine why exactly its crashing. My log window closes out when the application crashes, but I should be able to find it from the Unraid application...

gamgeemooOP•12/11/25, 9:49 PM

I believe I figured out my issue, I'm pretty certain that my acquis.yaml plugin was formatted incorrectly.

Ggamgeemoo I believe I figured out my issue, I'm pretty certain that my acquis.yaml plugin ...

_KaszpiR_•12/11/25, 9:58 PM

crowdsec -c /etc/crowdsec/config.yaml -tcrowdsec -c /etc/crowdsec/config.yaml -t will test the config