initial docker setup

project/infrastructure/crowdsec/crowdsec.yml

@@ -0,0 +1,39 @@
+services:
+  crowdsec:
+    extends:
+      file: ${TEMPLATES_PATH}
+      service: default
+    container_name: crowdsec
+    image: crowdsecurity/crowdsec:latest
+    environment:
+      COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve"
+    expose:
+      - 8080
+    ports:
+      - 6060:6060
+    volumes:
+      - ${INFRA_PATH}/crowdsec/data:/var/lib/crowdsec/data
+      - ${INFRA_PATH}/crowdsec/config:/etc/crowdsec
+      - /var/log/auth.log:/var/log/auth.log:ro
+      - /var/log/crowdsec:/var/log/crowdsec:ro
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"
+
+  crowdsec-traefik-bouncer:
+    extends:
+      file: ${TEMPLATES_PATH}
+      service: default
+    image: fbonalair/traefik-crowdsec-bouncer:latest
+    container_name: bouncer-traefik
+    environment:
+      CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY}
+      CROWDSEC_AGENT_HOST: crowdsec:8080
+      GIN_MODE: release
+    expose:
+      - 8080
+    depends_on:
+      - crowdsec
+    labels:
+      # Watchtower
+      - "com.centurylinklabs.watchtower.enable=true"