general update oon docker config

2024-07-19 12:38:32 +02:00
parent 2da547bcc2
commit fd083af6d3
34 changed files with 125 additions and 46 deletions
--- a/project/infrastructure/crowdsec/crowdsec.yml
+++ b/project/infrastructure/crowdsec/crowdsec.yml
@@ -6,34 +6,21 @@ services:
    container_name: crowdsec
    image: crowdsecurity/crowdsec:latest
    environment:
-      COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve"
+      COLLECTIONS: crowdsecurity/traefik crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules crowdsecurity/http-cve
+      CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY}
+      CUSTOM_HOSTNAME: crowdsec
    expose:
      - 8080
    ports:
      - 6060:6060
+    networks: 
+      - ip4net
+      - ip6net
    volumes:
      - ${INFRA_PATH}/crowdsec/data:/var/lib/crowdsec/data
      - ${INFRA_PATH}/crowdsec/config:/etc/crowdsec
      - /var/log/auth.log:/var/log/auth.log:ro
      - /var/log/crowdsec:/var/log/crowdsec:ro
-    labels:
-      # Watchtower
-      - "com.centurylinklabs.watchtower.enable=true"
-
-  crowdsec-traefik-bouncer:
-    extends:
-      file: ${TEMPLATES_PATH}
-      service: default
-    image: fbonalair/traefik-crowdsec-bouncer:latest
-    container_name: bouncer-traefik
-    environment:
-      CROWDSEC_BOUNCER_API_KEY: ${CROWDSEC_API_KEY}
-      CROWDSEC_AGENT_HOST: crowdsec:8080
-      GIN_MODE: release
-    expose:
-      - 8080
-    depends_on:
-      - crowdsec
    labels:
      # Watchtower
      - "com.centurylinklabs.watchtower.enable=true"