Use vaultwarden collection when crowdsec and vaultwarden are running in different containers | CrowdSec | Page 1

shut plover Oct 22, 2024, 5:11 PM

#

I have a vaultwarden and a crowdsec docker container. The vaultwarden logs are monted on my host at ./vaultwarden/logs/. Also i am using a firewall bouncer on my host which is connected via API to the crowdsec container.
Just for my understanding: Can i install inside the crowdsec container the vaultwarden collection, mount the vaultwarden logs into the crowdsec container and point the acquis.yaml to the vaultwarden logs? Does this work? So if a pattern inside the vaultwarden collection is triggered, the IP gets banned threw the API with the firewall bouncer?

hallow sleetBOT Oct 22, 2024, 5:11 PM

#

Important Information

This post has been marked as resolved. If this is a mistake please press the red button below or type /unresolve

sonic monolith Oct 23, 2024, 7:41 AM

#

Yes, it will work

shut plover Oct 24, 2024, 11:20 AM

#

Ok, in my explained setup, what is the correct iptable_chain setup for the Firewall bouncer? Forward? Docker-User? All of them? Like i said, the bouncer is on my Host, the crowdsec Engine itself inside the docker Container

sonic monolith Oct 28, 2024, 9:35 AM

#

If you are exposing service through docker, you'll need the DOCKER-USERchain at a minimum.
I would also add the INPUT chain if you have anything running on the host that is also exposed

hallow sleetBOT Oct 28, 2024, 1:47 PM

#

hallow sleet

Resolving Use vaultwarden collection when crowdsec and vaultwarden are running in different containers

#Use vaultwarden collection when crowdsec and vaultwarden are running in different containers