Skip to content

windows accurate crowdsec start #853

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 3 commits into from
Closed

windows accurate crowdsec start #853

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
97934ae
move Traefik doc
sabban Aug 7, 2025
a3d6671
Merge branch 'main' of github.com:crowdsecurity/crowdsec-docs
sabban Aug 20, 2025
8605854
Being accurate is important.
sabban Aug 20, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
58 changes: 58 additions & 0 deletions crowdsec-docs/unversioned/bouncers/traefik.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
---
id: traefik
title: Traefix
sidebar_position: 5
---

import Tabs from '@theme/Tabs';
import TabItem from '@theme/TabItem';
import useBaseUrl from '@docusaurus/useBaseUrl';
import RemediationSupportBadges from '@site/src/components/remediation-support-badge';


<p align="center">
<img src={useBaseUrl('/img/crowdsec_custom.svg')} alt="CrowdSec" title="CrowdSec" width="400" height="300" />
</p>
<p align="center">
<img src="https://img.shields.io/badge/build-pass-green"></img>
<img src="https://img.shields.io/badge/tests-pass-green"></img>
</p>
<p align="center">
&#x1F4DA; <a href="#installation/">Documentation</a>
&#x1F4A0; <a href="https://hub.crowdsec.net">Hub</a>
&#128172; <a href="https://discourse.crowdsec.net">Discourse </a>
</p>

<RemediationSupportBadges
Prometheus
/>

### Traefik on kubernetes

Traefik expects a resource of "Middleware" type named "bouncer", which we will create now.

Here is bouncer-middleware.yaml:

```yaml
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: bouncer
namespace: traefik
spec:
plugin:
bouncer:
enabled: true
crowdsecMode: stream
crowdsecLapiScheme: https
crowdsecLapiHost: crowdsec-service.crowdsec:8080
crowdsecLapiKey: mysecretkey12345
```

You can see all the configuration options in the [bouncer documentation](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin).

Now, you can install the remediation component:

```bash
kubectl apply -f bouncer-middleware.yaml
```
66 changes: 0 additions & 66 deletions crowdsec-docs/unversioned/getting_started/installation/kubernetes.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -122,73 +122,7 @@ lapi:
Then, you can install the remediation component with the following command:


#### Traefik

Traefik expects a resource of "Middleware" type named "bouncer", which we will create now.

Here is bouncer-middleware.yaml:

```yaml
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: bouncer
namespace: traefik
spec:
plugin:
bouncer:
enabled: true
crowdsecMode: stream
crowdsecLapiScheme: https
crowdsecLapiHost: crowdsec-service.crowdsec:8080
crowdsecLapiKey: mysecretkey12345
```

You can see all the configuration options in the [bouncer documentation](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin).

Now, you can install the remediation component:

```bash
kubectl apply -f bouncer-middleware.yaml
```

#### Nginx

:::info
We supposed that you have already installed the Nginx ingress controller using this [helm chart](https://artifacthub.io/packages/helm/ingress-nginx/ingress-nginx).
:::

We need to patch ingress-nginx helm chart to add and enable [the crowdsec lua plugin](https://github.com/crowdsecurity/cs-openresty-bouncer).
You can put this configuration example in a file `crowdsec-ingress-nginx.yaml`:

```yaml
controller:
extraVolumes:
- name: crowdsec-bouncer-plugin
emptyDir: {}
extraInitContainers:
- name: init-clone-crowdsec-bouncer
image: crowdsecurity/lua-bouncer-plugin
imagePullPolicy: IfNotPresent
env:
- name: API_URL
value: "http://crowdsec-service.crowdsec.svc.cluster.local:8080"
- name: API_KEY
value: "mysecretkey12345"
- name: BOUNCER_CONFIG
value: "/crowdsec/crowdsec-bouncer.conf"
command: ['sh', '-c', "sh /docker_start.sh; mkdir -p /lua_plugins/crowdsec/; cp -R /crowdsec/* /lua_plugins/crowdsec/"]
volumeMounts:
- name: crowdsec-bouncer-plugin
mountPath: /lua_plugins
extraVolumeMounts:
- name: crowdsec-bouncer-plugin
mountPath: /etc/nginx/lua/plugins/crowdsec
subPath: crowdsec
config:
plugins: "crowdsec"
lua-shared-dicts: "crowdsec_cache: 50m"
```

Once we have this patch we can upgrade the ingress-nginx chart

Expand Down
2 changes: 1 addition & 1 deletion crowdsec-docs/unversioned/getting_started/installation/windows.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ Before getting started, it is advised to read the [introduction](/unversioned/ge

We provide MSI installers for Windows. You can download the latest version from the [release page](https://github.com/crowdsecurity/crowdsec/releases/latest)

Download and run the installer, it will install CrowdSec as a service and start it.
Download and run the installer, it will install CrowdSec as a service and start it after next reboot.

### Chocolatey

Expand Down