feat: Adds appsec to crowdsec configuration.

2026-02-13 11:27:21 -05:00
parent 0cba355914
commit c3a197f829
4 changed files with 31 additions and 27 deletions
--- a/2
+++ b/2
@@ -9,7 +9,7 @@ RUN xcaddy build \
  --with github.com/hslatman/caddy-crowdsec-bouncer/http@main \
  --with github.com/hslatman/caddy-crowdsec-bouncer/layer4@main
-FROM caddy:${CADDY_VERSION} AS caddy
+FROM docker.io/caddy:${CADDY_VERSION} AS caddy
 WORKDIR /
--- a/caddy/Caddyfile
+++ b/caddy/Caddyfile
@@ -10,6 +10,7 @@
 		api_url http://crowdsec:8080
 		api_key {$CROWDSEC_API_KEY}
 		ticker_interval 15s
 		appsec_url http://crowdsec:7422
 	}
 	log {
 		level INFO
@@ -18,7 +19,6 @@
 }
 ductcalc.pro {
 	tls {
 		dns cloudflare {env.CF_AUTH_TOKEN}
 		resolvers 1.1.1.1
@@ -28,4 +28,3 @@ ductcalc.pro {
 	crowdsec
 	reverse_proxy http://ductcalc:8080
 }
--- a/compose.yaml
+++ b/compose.yaml
@@ -34,7 +34,7 @@ services:
    restart: unless-stopped
    environment:
      - GID=1000
-      - COLLECTIONS=crowdsecurity/linux crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors
+      - COLLECTIONS=crowdsecurity/linux crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules
      - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY}
    volumes:
      - crowdsec_db:/var/lib/crowdsec/data/
--- a/crowdsec/appsec.yaml
+++ b/crowdsec/appsec.yaml
@@ -0,0 +1,5 @@
 appsec_config: crowdsecurity/appsec-default
 labels:
  type: appsec
 listen_addr: 127.0.0.1:7422
 source: appsec