update docker image + documentation (#602)
Co-authored-by: erenJag <erenJag>
parent dae4458a6f
commit 18ff3a3a30
|
@ -6,11 +6,12 @@ WORKDIR /go/src/crowdsec
|
||||||
COPY . .
|
COPY . .
|
||||||
|
|
||||||
RUN apk update && apk add git jq gcc libc-dev make bash gettext
|
RUN apk update && apk add git jq gcc libc-dev make bash gettext
|
||||||
RUN BUILD_VERSION="$(git describe --tags `git rev-list --tags --max-count=1`)" make release
|
RUN BUILD_VERSION="$(git describe --tags `git rev-list --tags --max-count=1`)-docker" make release
|
||||||
RUN /bin/bash wizard.sh --docker-mode
|
RUN /bin/bash wizard.sh --docker-mode
|
||||||
RUN cscli hub update && cscli collections install crowdsecurity/linux
|
RUN cscli hub update && cscli collections install crowdsecurity/linux
|
||||||
|
|
||||||
FROM alpine:latest
|
FROM alpine:latest
|
||||||
|
RUN wget https://github.com/mikefarah/yq/releases/download/v4.4.1/yq_linux_amd64 -O /usr/bin/yq && chmod +x /usr/bin/yq
|
||||||
COPY --from=build /etc/crowdsec /etc/crowdsec
|
COPY --from=build /etc/crowdsec /etc/crowdsec
|
||||||
COPY --from=build /var/lib/crowdsec /var/lib/crowdsec
|
COPY --from=build /var/lib/crowdsec /var/lib/crowdsec
|
||||||
COPY --from=build /usr/local/bin/crowdsec /usr/local/bin/crowdsec
|
COPY --from=build /usr/local/bin/crowdsec /usr/local/bin/crowdsec
|
||||||
|
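Review bot: The added `RUN wget https://github.com/mikefarah/yq/releases/download/v4.4.1/yq_linux_amd64 -O /usr/bin/yq && chmod +x /usr/bin/yq` in the final stage installs a downloaded binary with no integrity check, and it hard-codes the amd64 build. Record the expected SHA-256 of the v4.4.1 asset in the Dockerfile and verify it (for example with `sha256sum -c`) before the `chmod +x`, so that a replaced or truncated download fails the build instead of shipping in the image. The same stage starts from `FROM alpine:latest`, so the base image is not reproducible either; pinning a version there would match the pinned yq release.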
@ -18,5 +19,4 @@ COPY --from=build /usr/local/bin/cscli /usr/local/bin/cscli
|
||||||
COPY --from=build /go/src/crowdsec/docker/docker_start.sh /
|
COPY --from=build /go/src/crowdsec/docker/docker_start.sh /
|
||||||
COPY --from=build /go/src/crowdsec/docker/config.yaml /etc/crowdsec/config.yaml
|
COPY --from=build /go/src/crowdsec/docker/config.yaml /etc/crowdsec/config.yaml
|
||||||
|
|
||||||
|
|
||||||
ENTRYPOINT /bin/sh docker_start.sh
|
ENTRYPOINT /bin/sh docker_start.sh
|
|
@ -31,17 +31,15 @@ The container is built with specific docker [configuration](https://github.com/c
|
||||||
You should apply following configuration before starting it :
|
You should apply following configuration before starting it :
|
||||||
|
|
||||||
* Specify collections|scenarios|parsers/postoverflows to install via the environment variables (by default [`crowdsecurity/linux`](https://hub.crowdsec.net/author/crowdsecurity/collections/linux) is installed)
|
* Specify collections|scenarios|parsers/postoverflows to install via the environment variables (by default [`crowdsecurity/linux`](https://hub.crowdsec.net/author/crowdsecurity/collections/linux) is installed)
|
||||||
* Mount volumes to specify your configuration
|
|
||||||
* Mount volumes to specify your log files that should be ingested by crowdsec (set up in acquis.yaml)
|
* Mount volumes to specify your log files that should be ingested by crowdsec (set up in acquis.yaml)
|
||||||
* Mount other volumes : if you want to share the database for example
|
* Mount other volumes : if you want to share the database for example
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker run -d -v config.yaml:/etc/crowdsec/config.yaml \
|
docker run -d -v acquis.yaml:/etc/crowdsec/acquis.yaml \
|
||||||
-v acquis.yaml:/etc/crowdsec/acquis.yaml \
|
|
||||||
-e COLLECTIONS="crowdsecurity/sshd"
|
-e COLLECTIONS="crowdsecurity/sshd"
|
||||||
-v /var/log/auth.log:/var/log/auth.log \
|
-v /var/log/auth.log:/var/log/auth.log \
|
||||||
-v /path/mycustom.log:/var/log/mycustom.log \
|
-v /path/mycustom.log:/var/log/mycustom.log \
|
||||||
--name crowdsec <built-image-tag>
|
--name crowdsec crowdsecurity/crowdsec
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
|
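Review bot: In the `docker run` example the line `-e COLLECTIONS="crowdsecurity/sshd"` has no trailing `\`, so a copy-pasted command ends there and the `-v /var/log/auth.log:...` lines and the image name are run as a separate command. This hunk already rewrites the block, so add the backslash in the same change. With the example now pointing at `crowdsecurity/crowdsec` and no tag, it is also worth saying in the text which tag readers are expected to run.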
@ -83,9 +81,11 @@ docker run -d -v config.yaml:/etc/crowdsec/config.yaml \
|
||||||
-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db \
|
-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db \
|
||||||
-e COLLECTIONS="crowdsecurity/apache2 crowdsecurity/sshd" \
|
-e COLLECTIONS="crowdsecurity/apache2 crowdsecurity/sshd" \
|
||||||
-p 8080:8080 -p 6060:6060 \
|
-p 8080:8080 -p 6060:6060 \
|
||||||
--name crowdsec <built-image-tag>
|
--name crowdsec crowdsecurity/crowdsec
|
||||||
```
|
```
|
||||||
|
|
||||||
|
If you want to be able to restart/stop your container and keep the same DB `-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db` you need to add a volume on local_api_credentials.yaml `-v /path/local_api_credentials.yaml:/etc/crowdsec/local_api_credentials.yaml`.
|
||||||
|
|
||||||
### Environment Variables
|
### Environment Variables
|
||||||
|
|
||||||
* `COLLECTIONS` - Collections to install from the [hub](https://hub.crowdsec.net/browse/#collections), separated by space : `-e COLLECTIONS="crowdsecurity/linux crowdsecurity/apache2"`
|
* `COLLECTIONS` - Collections to install from the [hub](https://hub.crowdsec.net/browse/#collections), separated by space : `-e COLLECTIONS="crowdsecurity/linux crowdsecurity/apache2"`
|
||||||
|
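Review bot: The added sentence about `local_api_credentials.yaml` gives the `-v` flag but not the reason, and the full example just above it still does not mount that file. Add one clause explaining why the credentials file has to persist alongside `crowdsec.db`, and add `-v /path/local_api_credentials.yaml:/etc/crowdsec/local_api_credentials.yaml` to the example so the documented command matches the advice. Since the file holds API credentials, a short remark on keeping the host copy readable only by its owner would fit here.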
@ -99,7 +99,7 @@ docker run -d -v config.yaml:/etc/crowdsec/config.yaml \
|
||||||
* `TEST_MODE` - Only test configs (default: `false`) : `-e TEST_MODE="<true|false>"`
|
* `TEST_MODE` - Only test configs (default: `false`) : `-e TEST_MODE="<true|false>"`
|
||||||
* `DISABLE_AGENT` - Only test configs (default: `false`) : `-e DISABLE_AGENT="<true|false>"`
|
* `DISABLE_AGENT` - Only test configs (default: `false`) : `-e DISABLE_AGENT="<true|false>"`
|
||||||
* `DISABLE_LOCAL_API` - Disable local API (default: `false`) : `-e DISABLE_API="<true|false>"`
|
* `DISABLE_LOCAL_API` - Disable local API (default: `false`) : `-e DISABLE_API="<true|false>"`
|
||||||
* `REGISTER_TO_ONLINE_API` - Register to Online API (default: `false`) : `-e REGISTER_TO_ONLINE_API="<true|false>"`
|
* `DISABLE_ONLINE_API` - Disable Online API registration for signal sharing (default: `false`) : `-e DISABLE_ONLINE_API="<true|false>"`
|
||||||
* `LEVEL_TRACE` - Trace-level (VERY verbose) on stdout (default: `false`) : `-e LEVEL_TRACE="<true|false>"`
|
* `LEVEL_TRACE` - Trace-level (VERY verbose) on stdout (default: `false`) : `-e LEVEL_TRACE="<true|false>"`
|
||||||
* `LEVEL_DEBUG` - Debug-level on stdout (default: `false`) : `-e LEVEL_DEBUG="<true|false>"`
|
* `LEVEL_DEBUG` - Debug-level on stdout (default: `false`) : `-e LEVEL_DEBUG="<true|false>"`
|
||||||
* `LEVEL_INFO` - Info-level on stdout (default: `false`) : `-e LEVEL_INFO="<true|false>"`
|
* `LEVEL_INFO` - Info-level on stdout (default: `false`) : `-e LEVEL_INFO="<true|false>"`
|
||||||
|
|
|
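Review bot: Replacing `REGISTER_TO_ONLINE_API` (default `false`) with `DISABLE_ONLINE_API` (default `false`) turns Online API registration and signal sharing from opt-in into opt-out, and the bullet does not say so. State explicitly that the container now registers and pushes signals unless the variable is set, and mention that the old variable is no longer read, so existing deployments do not start sharing without noticing. Two neighbouring bullets in this list are also wrong and could be fixed in the same pass: `DISABLE_AGENT` is described as "Only test configs", and `DISABLE_LOCAL_API` shows `-e DISABLE_API=...` as its example.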
@ -16,7 +16,7 @@ crowdsec_service:
|
||||||
parser_routines: 1
|
parser_routines: 1
|
||||||
cscli:
|
cscli:
|
||||||
output: human
|
output: human
|
||||||
hub_branch: wip_lapi
|
hub_branch: master
|
||||||
db_config:
|
db_config:
|
||||||
log_level: info
|
log_level: info
|
||||||
type: sqlite
|
type: sqlite
|
||||||
|
|
|
@ -6,10 +6,12 @@ if [ $? == 1 ]; then
|
||||||
cscli machines add --force --auto -f /etc/crowdsec/local_api_credentials.yaml
|
cscli machines add --force --auto -f /etc/crowdsec/local_api_credentials.yaml
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ "$REGISTER_TO_ONLINE_API" == "true" ] || [ "$REGISTER_TO_ONLINE_API" == "TRUE" ] && [ "$CONFIG_FILE" == "" ] ; then
|
# registration to online API for signal push
|
||||||
cat /etc/crowdsec/config.yaml | grep online_api_credentials.yaml
|
if [ "$DISABLE_ONLINE_API" == "" ] && [ "$CONFIG_FILE" == "" ] ; then
|
||||||
if [ $? == 1 ]; then
|
CONFIG_EXIST=$(yq eval '.api.server.online_client | has("credentials_path")' /etc/crowdsec/config.yaml)
|
||||||
sed -ri 's/^(\s*)(#credentials_path\s*:\s*$)/\1credentials_path: \/etc\/crowdsec\/online_api_credentials.yaml/' /etc/crowdsec/config.yaml
|
if [ "$CONFIG_EXIST" != "true" ]; then
|
||||||
|
yq eval '.api.server.online_client = {"credentials_path": "/etc/crowdsec/online_api_credentials.yaml"}' /etc/crowdsec/config.yaml > /etc/crowdsec/config2.yaml
|
||||||
|
mv /etc/crowdsec/config2.yaml /etc/crowdsec/config.yaml
|
||||||
cscli capi register > /etc/crowdsec/online_api_credentials.yaml
|
cscli capi register > /etc/crowdsec/online_api_credentials.yaml
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
|
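Review bot: The new guard `if [ "$DISABLE_ONLINE_API" == "" ] && [ "$CONFIG_FILE" == "" ]` treats any non-empty value as "disabled", so `-e DISABLE_ONLINE_API="false"`, which the README documents as the default, also skips registration. Compare against `true`/`TRUE` as the removed `REGISTER_TO_ONLINE_API` test did, or document that the variable only needs to be set. Separately, `config.yaml` is rewritten to point at `online_api_credentials.yaml` before `cscli capi register` runs and its exit status is not checked: if registration fails, the credentials file is left empty and `CONFIG_EXIST` is `true` on the next start, so it is never retried. Register into a temporary file first and update the config only on success.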
@ -31,17 +31,15 @@ The container is built with specific docker [configuration](https://github.com/c
|
||||||
You should apply following configuration before starting it :
|
You should apply following configuration before starting it :
|
||||||
|
|
||||||
* Specify collections|scenarios|parsers/postoverflows to install via the environment variables (by default [`crowdsecurity/linux`](https://hub.crowdsec.net/author/crowdsecurity/collections/linux) is installed)
|
* Specify collections|scenarios|parsers/postoverflows to install via the environment variables (by default [`crowdsecurity/linux`](https://hub.crowdsec.net/author/crowdsecurity/collections/linux) is installed)
|
||||||
* Mount volumes to specify your configuration
|
|
||||||
* Mount volumes to specify your log files that should be ingested by crowdsec (set up in acquis.yaml)
|
* Mount volumes to specify your log files that should be ingested by crowdsec (set up in acquis.yaml)
|
||||||
* Mount other volumes : if you want to share the database for example
|
* Mount other volumes : if you want to share the database for example
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
docker run -d -v config.yaml:/etc/crowdsec/config.yaml \
|
docker run -d -v acquis.yaml:/etc/crowdsec/acquis.yaml \
|
||||||
-v acquis.yaml:/etc/crowdsec/acquis.yaml \
|
|
||||||
-e COLLECTIONS="crowdsecurity/sshd"
|
-e COLLECTIONS="crowdsecurity/sshd"
|
||||||
-v /var/log/auth.log:/var/log/auth.log \
|
-v /var/log/auth.log:/var/log/auth.log \
|
||||||
-v /path/mycustom.log:/var/log/mycustom.log \
|
-v /path/mycustom.log:/var/log/mycustom.log \
|
||||||
--name crowdsec <built-image-tag>
|
--name crowdsec crowdsecurity/crowdsec
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Example
|
#### Example
|
||||||
|
@ -83,10 +81,10 @@ docker run -d -v config.yaml:/etc/crowdsec/config.yaml \
|
||||||
-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db \
|
-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db \
|
||||||
-e COLLECTIONS="crowdsecurity/apache2 crowdsecurity/sshd" \
|
-e COLLECTIONS="crowdsecurity/apache2 crowdsecurity/sshd" \
|
||||||
-p 8080:8080 -p 6060:6060 \
|
-p 8080:8080 -p 6060:6060 \
|
||||||
--name crowdsec <built-image-tag>
|
--name crowdsec crowdsecurity/crowdsec
|
||||||
```
|
```
|
||||||
|
|
||||||
If you want to be able to restart/stop your container and keep the same DB `-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db` you need to add a volume on local_api_credentials.yaml `-v /path/local_api_credentials.yaml:/etc/crowdsec/local_api_credentials.yaml`
|
If you want to be able to restart/stop your container and keep the same DB `-v /path/myDatabase.db:/var/lib/crowdsec/data/crowdsec.db` you need to add a volume on local_api_credentials.yaml `-v /path/local_api_credentials.yaml:/etc/crowdsec/local_api_credentials.yaml`.
|
||||||
|
|
||||||
### Environment Variables
|
### Environment Variables
|
||||||
|
|
||||||
|
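Review bot: In this file the `local_api_credentials.yaml` sentence already existed and only gains a full stop, while the other documentation file in this commit gets the sentence for the first time, so the two copies of this text had already drifted apart. Every hunk here is duplicated by hand in both files; consider generating one from the other, or keeping a single copy and linking to it, so the next change to the environment variable list cannot land in only one of them.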
@ -101,7 +99,7 @@ If you want to be able to restart/stop your container and keep the same DB `-v /
|
||||||
* `TEST_MODE` - Only test configs (default: `false`) : `-e TEST_MODE="<true|false>"`
|
* `TEST_MODE` - Only test configs (default: `false`) : `-e TEST_MODE="<true|false>"`
|
||||||
* `DISABLE_AGENT` - Only test configs (default: `false`) : `-e DISABLE_AGENT="<true|false>"`
|
* `DISABLE_AGENT` - Only test configs (default: `false`) : `-e DISABLE_AGENT="<true|false>"`
|
||||||
* `DISABLE_LOCAL_API` - Disable local API (default: `false`) : `-e DISABLE_API="<true|false>"`
|
* `DISABLE_LOCAL_API` - Disable local API (default: `false`) : `-e DISABLE_API="<true|false>"`
|
||||||
* `REGISTER_TO_ONLINE_API` - Register to Online API (default: `false`) : `-e REGISTER_TO_ONLINE_API="<true|false>"`
|
* `DISABLE_ONLINE_API` - Disable Online API registration for signal sharing (default: `false`) : `-e DISABLE_ONLINE_API="<true|false>"`
|
||||||
* `LEVEL_TRACE` - Trace-level (VERY verbose) on stdout (default: `false`) : `-e LEVEL_TRACE="<true|false>"`
|
* `LEVEL_TRACE` - Trace-level (VERY verbose) on stdout (default: `false`) : `-e LEVEL_TRACE="<true|false>"`
|
||||||
* `LEVEL_DEBUG` - Debug-level on stdout (default: `false`) : `-e LEVEL_DEBUG="<true|false>"`
|
* `LEVEL_DEBUG` - Debug-level on stdout (default: `false`) : `-e LEVEL_DEBUG="<true|false>"`
|
||||||
* `LEVEL_INFO` - Info-level on stdout (default: `false`) : `-e LEVEL_INFO="<true|false>"`
|
* `LEVEL_INFO` - Info-level on stdout (default: `false`) : `-e LEVEL_INFO="<true|false>"`
|
||||||
|
|