Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

enhance: Update to latest crowdsec and firewall remediation #60

Merged
merged 2 commits into from
Sep 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion crowdsec-firewall-bouncer/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ ARG BUILD_FROM
FROM $BUILD_FROM

ARG BUILD_ARCH
ARG BIN_VERSION=v0.0.28
ARG BIN_VERSION=v0.0.30

RUN apt-get update && \
apt-get upgrade -y && \
Expand Down
2 changes: 1 addition & 1 deletion crowdsec-firewall-bouncer/config.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
name: "Crowdsec Firewall Bouncer"

Check warning on line 1 in crowdsec-firewall-bouncer/config.yaml

View workflow job for this annotation

GitHub Actions / Lint add-on crowdsec-firewall-bouncer

'map' contains the 'config' folder, which has been replaced by 'homeassistant_config'. See: https://developers.home-assistant.io/blog/2023/11/06/public-addon-config
description: "Crowdsec bouncer written in golang for firewalls"
url: "https://github.com/crowdsecurity/home-assistant-addons/tree/main/crowdsec-firewall-bouncer/DOCS.md"
version: "v0.0.28"
version: "v0.0.30"
slug: crowdsec-firewall-bouncer
init: false
host_network: true
Expand Down
4 changes: 4 additions & 0 deletions crowdsec/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
# Changelog

## 1.6.3

- Bump crowdsec version to 1.6.3

## 1.6.2

- Bump crowdsec version to 1.6.2
Expand Down
22 changes: 11 additions & 11 deletions crowdsec/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -46,21 +46,21 @@ RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/
#Add alias until env variables will be supported by crowdsec.
RUN echo 'alias cscli="cscli -c /config/.storage/crowdsec/config/config.yaml"' > /root/.bashrc

COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec /etc/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/var/lib/crowdsec /var/lib/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/bin/crowdsec /usr/local/bin/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/bin/cscli /usr/local/bin/cscli
COPY --from=crowdsecurity/crowdsec:v1.6.2 /docker_start.sh /docker_start.sh
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/config.yaml /etc/crowdsec/config.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec /etc/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/var/lib/crowdsec /var/lib/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/bin/crowdsec /usr/local/bin/crowdsec
COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/bin/cscli /usr/local/bin/cscli
COPY --from=crowdsecurity/crowdsec:v1.6.3 /docker_start.sh /docker_start.sh
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/config.yaml /etc/crowdsec/config.yaml
#Due to the wizard using cp -n, we have to copy the config files directly from the source as -n does not exist in busybox cp
#The files are here for reference, as users will need to mount a new version to be actually able to use notifications
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/email.yaml /etc/crowdsec/notifications/email.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/http.yaml /etc/crowdsec/notifications/http.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/slack.yaml /etc/crowdsec/notifications/slack.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/splunk.yaml /etc/crowdsec/notifications/splunk.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/email.yaml /etc/crowdsec/notifications/email.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/http.yaml /etc/crowdsec/notifications/http.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/slack.yaml /etc/crowdsec/notifications/slack.yaml
COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/splunk.yaml /etc/crowdsec/notifications/splunk.yaml
# workaround to avoid having build issue ("failed to create image: failed to get layer")
RUN true
COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/lib/crowdsec/plugins /usr/local/lib/crowdsec/plugins
COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/lib/crowdsec/plugins /usr/local/lib/crowdsec/plugins

# Copy root filesystem
COPY rootfs /
2 changes: 1 addition & 1 deletion crowdsec/config.yaml
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
name: "Crowdsec"

Check warning on line 1 in crowdsec/config.yaml

View workflow job for this annotation

GitHub Actions / Lint add-on crowdsec

'map' contains the 'config' folder, which has been replaced by 'homeassistant_config'. See: https://developers.home-assistant.io/blog/2023/11/06/public-addon-config
description: "CrowdSec - the open-source and participative IPS"
url: "https://github.com/crowdsecurity/home-assistant-addons/blob/main/crowdsec/DOCS.md"
version: "1.6.2"
version: "1.6.3"
slug: "crowdsec"
init: false
ingress: true
Expand Down
Loading