death916/nixconfig
1
0
Fork 0
mirror of https://github.com/Death916/nixconfig.git synced 2026-04-11 04:48:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
nixconfig/modules/nixos/orac/crowdsec.nix
death916 3676153c68 crowdsec
2026-01-16 02:51:33 -08:00

55 lines
1.1 KiB
Nix
Raw Blame History

{ config, pkgs, ... }:
{
services.crowdsec = {
enable = true;
allowLocalAPI = true;
hub = {
collections = [
"crowdsecurity/linux"
"crowdsecurity/sshd"
"crowdsecurity/traefik"
"crowdsecurity/http-cve"
];
};
acquisitions = [
{
source = "journalctl";
journalctl_filter = [ "_SYSTEMD_UNIT=sshd.service" ];
labels.type = "syslog";
}
{
source = "journalctl";
journalctl_filter = [
"SYSLOG_IDENTIFIER=sudo"
"SYSLOG_IDENTIFIER=auth"
];
labels.type = "syslog";
}
{
source = "journalctl";
journalctl_filter = [ "_SYSTEMD_UNIT=docker-traefik.service" ];
labels.type = "traefik";
}
];
};
services.crowdsec-firewall-bouncer = {
enable = true;
registerBouncer = {
enable = true;
};
settings = {
mode = "nftables";
log_level = "info";
update_frequency = "10s";
api_url = "http://127.0.0.1:8080/";
};
};
users.users.crowdsec.extraGroups = [ "systemd-journal" ];
}
Reference in a new issue View git blame Copy permalink