From 17a4f1c9298bcb6ba83c2cb42e6c248a732ad8ad Mon Sep 17 00:00:00 2001 From: death916 Date: Fri, 16 Jan 2026 04:32:00 -0800 Subject: [PATCH] crowdsec vaultwarden --- modules/containers/docker/crowdsec/crowdsec.nix | 8 +++++++- modules/nixos/orac/services.nix | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/modules/containers/docker/crowdsec/crowdsec.nix b/modules/containers/docker/crowdsec/crowdsec.nix index 1fd8281..d94e7e6 100644 --- a/modules/containers/docker/crowdsec/crowdsec.nix +++ b/modules/containers/docker/crowdsec/crowdsec.nix @@ -20,6 +20,12 @@ let type: syslog --- source: journalctl + journalctl_filter: + - "_SYSTEMD_UNIT=vaultwarden.service" + labels: + type: vaultwarden + --- + source: journalctl journalctl_filter: - "SYSLOG_IDENTIFIER=sudo" - "SYSLOG_IDENTIFIER=auth" @@ -42,7 +48,7 @@ in autoStart = true; ports = [ "127.0.0.1:8080:8080" ]; environment = { - COLLECTIONS = "crowdsecurity/linux crowdsecurity/sshd crowdsecurity/traefik crowdsecurity/http-cve"; + COLLECTIONS = "crowdsecurity/linux crowdsecurity/sshd crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/vaultwarden"; GID = "0"; }; volumes = [ diff --git a/modules/nixos/orac/services.nix b/modules/nixos/orac/services.nix index 488cb54..e184269 100644 --- a/modules/nixos/orac/services.nix +++ b/modules/nixos/orac/services.nix @@ -35,7 +35,7 @@ ROCKET_ADDRESS = "100.72.187.12"; ROCKET_PORT = 8222; - ROCKET_LOG = "critical"; + ROCKET_LOG = "warn"; environmentFile = "/var/lib/vaultwarden/vault.env"; # This example assumes a mailserver running on localhost, # thus without transport encryption.