feat: Adds appsec to crowdsec configuration.

Dockerfile

@@ -9,7 +9,7 @@ RUN xcaddy build \
   --with github.com/hslatman/caddy-crowdsec-bouncer/http@main \
   --with github.com/hslatman/caddy-crowdsec-bouncer/layer4@main
 
-FROM caddy:${CADDY_VERSION} AS caddy
+FROM docker.io/caddy:${CADDY_VERSION} AS caddy
 
 WORKDIR /
 

caddy/Caddyfile

@@ -10,6 +10,7 @@
 		api_url http://crowdsec:8080
 		api_key {$CROWDSEC_API_KEY}
 		ticker_interval 15s
+		appsec_url http://crowdsec:7422
 	}
 	log {
 		level INFO
@@ -18,7 +19,6 @@
 }
 
 ductcalc.pro {
-
 	tls {
 		dns cloudflare {env.CF_AUTH_TOKEN}
 		resolvers 1.1.1.1
@@ -28,4 +28,3 @@ ductcalc.pro {
 	crowdsec
 	reverse_proxy http://ductcalc:8080
 }
-

compose.yaml

@@ -34,7 +34,7 @@ services:
     restart: unless-stopped
     environment:
       - GID=1000
-      - COLLECTIONS=crowdsecurity/linux crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors
+      - COLLECTIONS=crowdsecurity/linux crowdsecurity/caddy crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules
       - BOUNCER_KEY_CADDY=${CROWDSEC_API_KEY}
     volumes:
       - crowdsec_db:/var/lib/crowdsec/data/

crowdsec/appsec.yaml

@@ -0,0 +1,5 @@
+appsec_config: crowdsecurity/appsec-default
+labels:
+  type: appsec
+listen_addr: 127.0.0.1:7422
+source: appsec