beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1703 commits 83 branches 177 tags 151 MiB
Commit graph

54 commits

Author SHA1 Message Date
blotus c6e40191dd
Revert "docker: pre-download all hub items and data, opt-in hub updat… (#2947) 2024-04-18 15:33:51 +02:00
mmetc 0e8a1c681b
docker: pre-download all hub items and data, opt-in hub update/upgrade (#2933) 
* docker: pre-download all hub items and data, opt-in hub update/upgrade

* docker/bars: don't purge anything before pre-downloading hub

* Docker: README update
 2024-04-08 14:53:12 +02:00
mmetc 3921c3f480
CI: rename workflows, improve docker build and tests (#2798) 2024-01-31 12:07:27 +01:00
mmetc 311dfdee1f
Decouple docker image from package release (#2791) 
- entry point fixes for 1.6.0
 - correctly override BUILD_VERSION argument
 - manual release workflow
 2024-01-29 22:05:26 +01:00
Laurence Jones 2fb6f209aa
Update docker_start.sh (#2780) 
* Update docker_start.sh

* disable 'set -e' in docker entrypoint

---------

Co-authored-by: marco <marco@crowdsec.net>
 2024-01-24 22:51:33 +00:00
blotus bc3a179af9
Add env vars to install/remove appsec-{configs,rules} in docker image (#2664) 2023-12-14 16:54:12 +01:00
he2ss 4a4b309790
docker: add new env var to enable console_management (#2599) 2023-12-12 10:24:03 +01:00
mmetc 4acb4f8df3
cwhub: context type (#2631) 
* add hub type "context"
* cscli lapi: log.Fatal -> fmt.Errorf; lint
* tests for context.yaml
* load console context from hub
* original & compiled context
* deprecate "cscli lapi context delete"
$ cscli lapi context delete
Command "delete" is deprecated, please manually edit the context file.
* cscli completion: add appsec-rules, appsec-configs, explain, hubtest
 2023-12-07 16:20:13 +01:00
mmetc 8bb7da3994
docker tests: force local machine creation (#2636) 
This is required from 1.5.6 to overwrite the local credentials file
 2023-12-05 11:52:04 +01:00
mmetc ffcab0b2bc
Refactor hub management and cscli commands (#2545) 2023-11-24 15:57:32 +01:00
mmetc 7ffa0cc787
docker: replace cp -an with rsync to allow bind-mount of files in /etc/crowdsec (#2611) 
fix for https://github.com/crowdsecurity/crowdsec/issues/2480
 2023-11-23 11:08:14 +01:00
mmetc 643445b7cf
docker: allow GID with no persistent sqlite db (#2381) 2023-07-28 16:01:50 +02:00
mmetc 5cb7013575
Check cscli preconditions with crowdsec-cli/require package (#2388) 2023-07-27 17:02:20 +02:00
mmetc 4137482f65
docker: always merge .yaml.local in conf_get() (#2272) 
With this change, all queries to the configuration will return the
values from .local if they are set. However, conf_set will only write
to .yaml and never to .local. This means users can potentially override
values that are supposed to be under control of the entrypoint
(credentials and things set from envvars).
 2023-06-23 15:49:09 +02:00
mmetc e1400d28f1
support capi_whitelists.yaml (#2224) 2023-05-25 10:02:33 +02:00
mmetc 0c5d233563
Minor cleanup and dead code removal (#2166) 2023-04-12 16:57:38 +02:00
mmetc f39fbf07fa
Docker: don't re-register local agent if not needed (#2141) 2023-03-27 15:38:38 +02:00
mmetc 68d4bdc1bd
Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) 2023-03-24 11:23:04 +01:00
mmetc 3bf95e1a83
docker: skip temporary installation of disabled items (#2018) 2023-01-26 17:13:57 +01:00
mmetc b0f370bae2
fix docker support for legacy vars (#2021) 2023-01-26 17:12:40 +01:00
he2ss ce60c7b056
docker: add cri-logs collection by default to support CRI log format (#2005) 2023-01-20 16:02:04 +00:00
Yip Rui Fung ecb5562b57
Fix docker_start.sh not properly handling env vars (#1993) 
For example, the COLLECTIONS environment variable is supposed to do a space separated list.
But with the unquoted call to cscli_if_clean without quotes on the $COLLECTIONS environment variable, only the first entry is passed to it.
As a result, only the first entry is installed.

Would likely affect all call sites to cscli_if_clean
 2023-01-14 19:56:27 +01:00
mmetc d986ae0ee5
fix yq behavior with bind-mount config.yaml (#1968) 
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2023-01-09 21:47:25 +01:00
mmetc dfc4126384
Docker config/auth/TLS refactoring from from v1.4.4 (#1967) 2023-01-04 16:43:35 +01:00
mmetc 72c1753fb7
fix tls communication with lapi and user/pw auth (#1956) 
allow self-signed TLS encryption with user/pw auth

docker:
 - remove defaults for certificate file locations
 - new envvar INSECURE_SKIP_VERIFY
 - register agent before TLS settings (cscli machine add removes them
   from the credentials file)
 2022-12-29 22:00:11 +01:00
mmetc f68bc113a7
docker: separate CLIENT_* and LAPI_* variables for tls certificates (#1929) 2022-12-16 20:41:39 +01:00
mmetc 409721414b
docker: fix/improve support for persistent configurations (#1915) 
set all defaults in config.yaml and leave environment variables empty. This way when they are set we know that we must override the values in config.yaml.
ignore tainted objects when calling install/upgrade/remove
use_wal is false by default
 2022-12-10 22:09:25 +01:00
mmetc 10ee07cea0
docker: correctly extract BOUNCER_KEY_* (fix #1912) (#1913) 2022-12-06 16:03:28 +01:00
mmetc f2528f3e29
add USE_WAL to docker arguments (#1899) 2022-11-30 14:28:33 +01:00
mmetc d15014f82e
silence harmless "machines delete" error in dockerfile (#1904) 2022-11-30 14:19:20 +01:00
mmetc fde9640364
Docker refactoring, tls setup (#1869) 2022-11-28 10:35:12 +01:00
mmetc b0889d7751
docker build flavors: slim, with-plugins, with-geoip, full (#1862) 2022-11-08 12:28:57 +01:00
AlteredCoder 59fc403e32
fix docker_start without using jq (#1855) 
* fix docker_start without using jq
 2022-11-07 10:07:26 +01:00
Stephane de Labrusse daae241ff9
fix #1794 (TLS is forced even when -e USE_TLS="false") 2022-10-07 16:31:03 +02:00
he2ss 3c6834fc18
docker_start: improve start script (#1599) 2022-06-22 11:31:55 +02:00
he2ss ec4e193cbb
docker: add enroll on startup (#1463) 
* docker: add enroll on startup
 2022-04-20 13:35:22 +02:00
Adam 33ef6eaea6
Register bouncers on container init (#1341) 
* Register bounces on init
 2022-04-04 10:18:44 +02:00
Chad Jones 19817083d1
Docker prestage - correct database directory (#1312) 2022-03-07 10:35:32 +01:00
Andreas Krüger d18620858e
Create debian docker package including journalctl/systemd (#1233) 
* Create debian docker package with journalctl

Co-authored-by: he2ss <hamza.essahely@gmail.com>
 2022-02-15 17:10:15 +01:00
Andreas Krüger 02765a74fa
Add LOCAL_API_URL to register auto an agent (#1231) 2022-02-03 12:26:20 +01:00
Andreas Krüger 8c878b0669
Add TLS functionality from env variables (#1227) 
* Add TLS functionality settings from env variables
 2022-02-02 13:20:12 +01:00
Andreas Krüger ead0a06f0c
Set custom hostname for local agent credentials (#1229) 
* Set custom hostname for local agent credentials
 2022-02-02 10:12:54 +01:00
Andreas Krüger d5f17ee377
Set LOCAL_API_URL on regeneration of local agent (#1226) 
The local agent credentials file contains the URL for the local API endpoint. If you set it through the environment variable, it is not honored when regenerating the URL for the localhost machine.

This PR will set the LOCAL_API_URL on the regeneration of credentials if it's defined.
 2022-02-01 17:45:04 +01:00
Adam d2bd01d009
Prestage files and copy on init to fix bind mount issues (#1216) 2022-02-01 12:35:57 +01:00
Shivam Sandbhor 4bf996a716
Make docker start executable (#1031) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-11-02 10:24:30 +01:00
mmetc f10187bd6d
typos (#1036) 2021-11-02 09:19:22 +01:00
he2ss 4d4d6d802c
fix #1008 + regenerate localhost credentials on start (#1009) 2021-10-14 17:02:38 +02:00
he2ss 990599a0b5
update docker entrypoint script (#982) 2021-09-21 10:54:05 +02:00
he2ss ff400c9bca
fix docker image + install whitelists on build (#968) 
* fix docker image + install whitelists on build
 2021-09-13 10:48:48 +02:00
he2ss 88846ac115
update docker image documentation + docker start script (#965) 
* update docker image documentation  + docker start script
 2021-09-10 14:59:22 +02:00