#Bouncer visible, but no information processed (only "valid" and "auth type") filled

1 messages · Page 1 of 1 (latest)

lethal perch
#

Setup crowdsec v1.7.6, installed in docker compose file along with ZoeyVid/NPMPlus

Have an issue with my docker setup for a while. The bouncer is installed (and reinstalled, re-registered, ...) but does not return any information. Also the portal doesn't show any info on the bouncer.

It does process my logs, but no remediation component work at this moment or don't give any feedback.

image.png image.png
proper harborBOT
#
Important Information

Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command /resolve or press the green resolve button below.

Log Files

If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.

Guide Followed (CrowdSec Official)

If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.

Screenshots

Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.

© Created By WhyAydan for CrowdSec ❤️ ·
shell vine
#

Could you share the crowdsec.conf file that should have been modified as per the npmplus instructions? (redact api key)

sometimes I find that the enabled property is still false, which needs to be set to true

pseudo pewter
#

@shell vine I've been helping @lethal perch in troubleshooting this issue for the past few days. We are running a similar homelab environment but I'm not facing the issue. The crowdsec.conf file is definitely correct and consistent with my setup

ENABLED=true
API_URL=http://127.0.0.1:8080
API_KEY=REDACTED

Performing a curl -v http://127.0.0.1:8080/v1/heartbeat with the API_KEY authorization header from the npmplus container gives a HTTP 200.

However, I do now realize that I had an issue this week where the charset of a config file caused issues... It might be a long shot but we'll verify if there are any weird non-ASCII characters that trip the system somewhere.

shell vine
#

try

curl -I -H "X-Api-Key: <YOUR_BOUNCER_API_KEY>" http://127.0.0.1:8080/v1/decisions/stream
#

but if its from the npmplus container it should be http://crowdsec:8080

pseudo pewter
lethal perch
#

recreating the crowdsec.conf file saddly did not fix the issue

shell vine
#

from the limited information I got, it would point to that npmplus or nginx is not loading the module. You can try grepping the logs of npmplus as crowdsec lua itself attempts to log when it initializes just try grep -i crowdsec whereever the logs

lethal perch
#

I'll be gathering some more info next week. Thanks for the feedback provided already

lethal perch
#

I've managed to solve the issue over the weekend. Not 200% sure about what has resolved the issue 🥲