crowdsec

2026-04-10 02:54:39 -07:00 · 2026-01-16 02:51:33 -08:00 · 2026-01-16 02:51:33 -08:00 · 3676153c68
commit 3676153c68
parent 5abbaddeaf
1 changed files with 22 additions and 25 deletions
--- a/modules/nixos/orac/crowdsec.nix
+++ b/modules/nixos/orac/crowdsec.nix
@ -3,6 +3,7 @@
 {
  services.crowdsec = {
    enable = true;
+    allowLocalAPI = true;

    hub = {
      collections = [
@ -13,32 +14,28 @@
      ];
    };

-    localConfig = {
-      # Log Sources
-      acquisitions = [
-        {
-          source = "journalctl";
-          journalctl_filter = [ "_SYSTEMD_UNIT=sshd.service" ];
-          labels.type = "syslog";
-        }
-        {
-          source = "journalctl";
-          journalctl_filter = [
-            "SYSLOG_IDENTIFIER=sudo"
-            "SYSLOG_IDENTIFIER=auth"
-          ];
-          labels.type = "syslog";
-        }
-        {
-          source = "journalctl";
-          journalctl_filter = [ "_SYSTEMD_UNIT=docker-traefik.service" ];
-          labels.type = "traefik";
-        }
-      ];
-
-      api.server.enable = true;
-    };
+    acquisitions = [
+      {
+        source = "journalctl";
+        journalctl_filter = [ "_SYSTEMD_UNIT=sshd.service" ];
+        labels.type = "syslog";
+      }
+      {
+        source = "journalctl";
+        journalctl_filter = [
+          "SYSLOG_IDENTIFIER=sudo"
+          "SYSLOG_IDENTIFIER=auth"
+        ];
+        labels.type = "syslog";
+      }
+      {
+        source = "journalctl";
+        journalctl_filter = [ "_SYSTEMD_UNIT=docker-traefik.service" ];
+        labels.type = "traefik";
+      }
+    ];
  };
+
  services.crowdsec-firewall-bouncer = {
    enable = true;