NginxProxyManager
Added crowdsec openresty bouncer support
This adds support for Nginx Proxy Manager to be a firewall bouncer for Crowdsec
Blog post on what this does https://crowdsec.net/blog/nginx-bouncer-v1/
This has been expanded to be a permanent addon to Nginx Proxy Manager, This requires the following changes to the base image https://github.com/NginxProxyManager/docker-nginx-full/pull/7
There are three Configurations that would be needed to be configurable from Nginx Proxy Manager to configure the crowdsec-openresty-bouncer for the bare minimum to get it working
File: /data/crowdsec/crowdsec-openresty-bouncer.conf
#Enables/Disables the Proxy (true|false)
ENABLED=false
#URL to the crowdsec api
API_URL=
#APIKEY to the crowdsec api, generated on crowdsec using `cscli bouncers add NPM`
API_KEY=
I'm not really sure how to do the frontend, if I can get some guidance I could do it as well
This is also currently a global setting so if an IP is banned it won't be able to connect to any host.
Full config for crowdsec
ENABLED=true
API_URL=http://localhost:8080
API_KEY=
CACHE_EXPIRATION=1
# bounce for all type of remediation that the bouncer can receive from the local API
BOUNCING_ON_TYPE=all
FALLBACK_REMEDIATION=ban
REQUEST_TIMEOUT=3000
UPDATE_FREQUENCY=10
# live or stream
MODE=stream
# exclude the bouncing on those location
EXCLUDE_LOCATION=
#those apply for "ban" action
# /!\ REDIRECT_LOCATION and RET_CODE can't be used together. REDIRECT_LOCATION take priority over RET_CODE
BAN_TEMPLATE_PATH=/data/crowdsec/templates/ban.html
REDIRECT_LOCATION=
RET_CODE=
#those apply for "captcha" action
# ReCaptcha Secret Key
SECRET_KEY=
# Recaptcha Site key
SITE_KEY=
CAPTCHA_TEMPLATE_PATH=/data/crowdsec/templates/captcha.html
CAPTCHA_EXPIRATION=3600
This is an automated message from CI:
Docker Image for build 1 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-1875
Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.
Due to the discussion here https://github.com/jlesage/docker-nginx-proxy-manager/pull/238
I will be reworking this with the final goal that it will be configurable using Nginx Proxy Manager instead of a custom advanced addon that is its current state.
I will also need to update the base image pull request to include the package instead of downloading it the current way.
Updated the initial pull request with new information and reworked this deployment so its possible to be integrated into NPM
This is an automated message from CI:
Docker Image for build 2 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-1875
Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.
This is an automated message from CI:
Docker Image for build 3 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-1875
Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.
This is an automated message from CI:
Docker Image for build 4 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-1875
Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.
This is an automated message from CI:
Docker Image for build 5 is available on DockerHub as jc21/nginx-proxy-manager:github-pr-1875
Note: ensure you backup your NPM instance before testing this PR image! Especially if this PR contains database changes.
@jc21 any update on this? I'm not sure of the status of V3 should this be more focused on that release?
If you need anything more from myside please let me know.