crowdsec
Crowdsec
This ansible roles installs Crowdsec incl. hub, collections, scenarios, postoverflows, parsers, bouncers and prometheus endpoint.
Requirements
Ansible master running version 2.12
Tested on:
platforms:
- name: Ubuntu
versions:
- bionic #18.04 LTS
- focal #20.04 LTS
- impish #21.10
- jammy #22.04 LTS Not tested
- name: Debian
versions:
- bookworm # 12
- bullseye # 11
- name: EL
versions:
- '8' #Rocky & alma Linux og Oracle Linux
- '7' #Oracle Linux
how to install.
I use ansible-galaxy do make a requirements.yml
roles:
- geerlingguy.security
- alf149.crowdsec
And run
ansible-galaxy install -r requirements.yml This wil import this role to your ansible projekt.
Role Variables
Available variables with default values (see defaults/main.yml)
variables can be host specific in group_vars/host.yml
Example Playbook
- hosts: all
vars:
cs_ban_duration: "duration: 4h" # PROD eg. 10m for testing
roles:
- alf149.crowdsec
Manual tasks could be handy
ansible HOST -m shell -a "sudo cscli parsers install crowdsecurity/whitelists --force" ansible 'group' -m shell -a "sudo cscli parsers remove crowdsecurity/whitelists --force" ansible 'group' -m shell -a "sudo systemctl reload crowdsec"
TODO
- Test on Windows server
- Maby autodetect nftables/iptables and load the correct bouncer.
Error reporting.
Use github issues or make a PR.
Author Information
About
This Ansibel roles installs Crowdsec incl. hub, collections, scenarios, postoverflows, parsers, bouncers and prometheus endpoint.
Install
ansible-galaxy install alf149/ansible-role-crowsecLicense
mit
Downloads
492
Owner