Enjoy today's video on CrowdSec? Let us know in the comments! Thanks for watching and being part of IBRACORP! ➡Subscribe on our website if you want to support us: ibracorp.io ➡Join us on Discord: discord.gg/VWAG7rZ Please don't forget to like and subscribe to help us help you! 👍
Thanks for the guide! I'll give this docker setup a shot, but I'm very much looking forward to their eventual release of an opnsense compatible version.
Yes Sycotix. Been trying to work this out but haven't had the time Crowdsec seems to be easy on everything except what I have setup, so just gonna move it all to the unraid server
I installed the crowdsec docker container from the appstore in unraid, but it doesn't work out of the box. Web Gui stays black too. Also I can't install bouncers because the commandos (deb yum ) don't work in unraid. It would be great if there was a video or an installer guide
Thanks for the tutorial, really love and appreciate what you guys are doing! Just a question, what's the best way to test if CrowdSec is properly running?
@@IBRACORP Unraid has some problems at least in my config. All the traefik logs only show internal (docker) IPs so it can't block anything. Is something missing from the guide?
Enjoyed the video, love the new apps etc your bringing to the table, it's just a little disappointing that you are moving further away from unraid which is where your guides originally helped me. Keep bringing us cool new apps though!
I think they are simply broadening their scope. Unraid is very much included. If you haven't yet, please join their discord. You can find a great community and you can suggest topics for new unraid content for example.
Yeah we are just curious creatures and love to explore! Unraid will always be our bread and butter and we will continue to cover Unraid content but like to play with new toys and learn new skills. Give it a try yourself and see how you get on!
Are the last steps for authelia and vaultwarden necessary if you're running these? I'm having trouble getting them to work properly with unraid's templates. If they're not necessary, what are the benefits of getting it properly configured?
Not required per se but the summary is: crowdsec will block IPs but will not block, for example, brute force attacks in your Authelia logins. So that's where the Authelia part comes in
awesome video. would there be a possibility to get that same combo setup up and video with nginx proxy mananger ? I am running all of my docker containers on a pi 4 how that is not a bottle neck
Great video. Would it be possible to enhance this further to also include the ability to hide behind Cloudflare and to configure Traefik / Authelia to be able to display the real source ip address. Then this would be a great overall service.
As always a great video! Unfortunately I use NPM in Unraid and can't manage to include CrowdSec. Surely I'm not the only one, would you have a tip or maybe you have a video in the making? ^^''
Hi Valentino, have you read our written docs for CrowdSec? We have the unraid instructions in there. I'll save you a click 🙂 docs.ibracorp.io/crowdsec/crowdsec/unraid
These videos are so well out together unfortunately I don’t use untaos so a lot of its value is lost. Shame so much focus on y raid but appreciate the effort
Hi Norbert, the tunnel is just that, a tunnel. It will not stop malicious IPs or brute force attacks, which we is where CrowdSec comes in. So to answer your question, both!
I can't edit acquis.yml using code server, I get permission error. Also Authelia can't start returning an error that it has no permission to access /var/log/crowdsec. Weirdly enough, traefik doesn't have that issue. I'm following the unraid written guide.
You will have to make sure all the containers have the correct permissions. Code server May not have enough permissions to access files owned by root for example. The authelia container may not be able to edit files owned by root either. You will have to make sure everything has the right permissions to access everything properly
after adding traefik settings to the compose files, composing and restarting i have no /mnt/user/appdata/traefik folder and also no logs or anything i could check from traefik to see if its composing right or running, portainer atleast says its healthy and running but with no logs whatsoever. i wonder why i get no logs nor directorys made by traefik ? im stuck at the tutorial at nano /mnt/user/appdata/traefik/traefik.yml because this directory does not exist. Shure i could create it but shouldnt it be there already from traefik ? the only obvious error i get in the crowdsec logs: time="26-12-2023 00:14:31" level=info msg="loading acquisition file : /etc/crowdsec/acquis.yaml" time="26-12-2023 00:14:31" level=warning msg="No matching files for pattern /var/log/crowdsec/traefik.log" type=file time="26-12-2023 00:14:31" level=info msg="Adding file /var/log/auth.log to datasources" type=file time="26-12-2023 00:14:31" level=warning msg="No matching files for pattern /var/log/crowdsec/authelia.log" type=file time="26-12-2023 00:14:31" level=info msg="Starting processing data" time="26-12-2023 00:14:31" level=warning msg="/var/log/auth.log is a directory, ignoring it." type=file it seems there are no logs there so i dont know why tbh and what to do, im on this for 4+ hours already
![Gunna - HIM ALL ALONG [Official Video]](http://i.ytimg.com/vi/w7Wf0h1Q8a4/mqdefault.jpg)
Enjoy today's video on CrowdSec? Let us know in the comments!
Thanks for watching and being part of IBRACORP!
➡Subscribe on our website if you want to support us: ibracorp.io
➡Join us on Discord: discord.gg/VWAG7rZ
Please don't forget to like and subscribe to help us help you! 👍
Excited for what seems to be the ultimate security guide!
Nice video.
Like the idea of a simple IPS like this and it's well explained. Thank you
Thanks for watching Louis
Thanks for the guide! I'll give this docker setup a shot, but I'm very much looking forward to their eventual release of an opnsense compatible version.
Me too!! Hopefully pfSense too
same!
Thanks for the nice words. We have a final release of the port for OPNsense ready real soon where it will be available along with the other addons.
@@hawks5196 Yes, we're considering pfSense as well. Nothing is certain yet though.
@@crowdsec Excellent! Thanks for the reply, I'll give the OPNsense addon a shot as soon as it is available.
An NGINX Proxy Manager in Unraid would be a good video as well. Do you know if you can add Nextcloud to crowsec?
Yeah there is an Nginx proxy manager bouncer and also a Nextcloud collection for parsing the logs and detecting typical attacks on nextcloud
Would love to See nginx Version please
Can do!
So the nginx proxy manager bouncer is waiting on PR's as it needs to be added directly into the docker image. It's a WIP
Thanks for clarifying @LaPresidente
Was looking forward to this, but more interested in npm using custom bouncer and cloudflare bouncer.
Thanks Wenli. Might be one for the future 😉
Yes Sycotix. Been trying to work this out but haven't had the time
Crowdsec seems to be easy on everything except what I have setup, so just gonna move it all to the unraid server
Let us know how you get on!!
I'm curious what you are using for your terminal in this video? Cheers
It’s Termius, great app but also looking into some alternatives
@@IBRACORP Awesome, it does look great, thank you!
I installed the crowdsec docker container from the appstore in unraid, but it doesn't work out of the box. Web Gui stays black too. Also I can't install bouncers because the commandos (deb yum ) don't work in unraid. It would be great if there was a video or an installer guide
Thanks for the tutorial, really love and appreciate what you guys are doing! Just a question, what's the best way to test if CrowdSec is properly running?
docker exec crowdsec cscli metrics OR docker exec crowdsec cscli decisions list
Do you guys have any plans to create a guide for someone with NPM & Organzirr using server based auth? As I'm finding I'm hitting a few snags :)
Will be cool to see if it work good in Unraid with Crowdsec Docker plus NPM and nextcloud Collection added to Authelia and Vaultwarden like here
We should be able to cover that for you in this series ☺️ stay tuned!
@@IBRACORP I’m excited!!!
Great video, would be great to see a NPM video, however without Unraid etc. I like how did you did this video in straight up ubuntu.
Excellent, is there any difference on using the unRAID dockers instead ?
Not really, but we'll be covering this very soon!
@@IBRACORP Unraid has some problems at least in my config. All the traefik logs only show internal (docker) IPs so it can't block anything. Is something missing from the guide?
Enjoyed the video, love the new apps etc your bringing to the table, it's just a little disappointing that you are moving further away from unraid which is where your guides originally helped me.
Keep bringing us cool new apps though!
I think they are simply broadening their scope. Unraid is very much included. If you haven't yet, please join their discord. You can find a great community and you can suggest topics for new unraid content for example.
Yeah we are just curious creatures and love to explore! Unraid will always be our bread and butter and we will continue to cover Unraid content but like to play with new toys and learn new skills. Give it a try yourself and see how you get on!
@@IBRACORP i was able to get crowdsec running on unraid succesfully, maybe try that after you get familiar :)
Thanks Charles! Keen to show it off for people. Anything you'd share different to our video for Unraid?
@@baileycw15 How did you configure your volumes mapping ? I'm a bit lost regarding the logs mapping
What is that CLI you are using?
Just curious what that environment is starting at 5:48? Is that a remote server interface, or just a nifty window manager?
That's an application called Termius which we use as our SSH manager
Are the last steps for authelia and vaultwarden necessary if you're running these? I'm having trouble getting them to work properly with unraid's templates. If they're not necessary, what are the benefits of getting it properly configured?
Not required per se but the summary is: crowdsec will block IPs but will not block, for example, brute force attacks in your Authelia logins. So that's where the Authelia part comes in
Nice video as usual, what is the wonderful looking terminal emulator with sidebar that you're using in the video?
Termius!
@@IBRACORP Thanks.
awesome video. would there be a possibility to get that same combo setup up and video with nginx proxy mananger ? I am running all of my docker containers on a pi 4 how that is not a bottle neck
Sure thing!
@@IBRACORP awesome cant wait to see it
Great video. Would it be possible to enhance this further to also include the ability to hide behind Cloudflare and to configure Traefik / Authelia to be able to display the real source ip address. Then this would be a great overall service.
Yes you can forward cloudflare IPs with this in traefik: --entrypoints.https.forwardedHeaders.trustedIPs=
Well Done. Btw, what ssh client are you using?
Termius. Found out by myself 🙂
Yeah it’s Termius, I live on this app personally but am always open to trying new apps.
@@IBRACORP I like the design and i like the snippet part. It would be great if they provided a one-time buying option instead of subscription though
I agree! The cost is fairly high. The snippets are amazing
As always a great video!
Unfortunately I use NPM in Unraid and can't manage to include CrowdSec. Surely I'm not the only one, would you have a tip or maybe you have a video in the making? ^^''
Hi Valentino, have you read our written docs for CrowdSec? We have the unraid instructions in there. I'll save you a click 🙂
docs.ibracorp.io/crowdsec/crowdsec/unraid
These videos are so well out together unfortunately I don’t use untaos so a lot of its value is lost. Shame so much focus on y raid but appreciate the effort
Great video - could you please do a version two for POP OS, Raspberry Pi with Nginx-proxy-manager?
This or cloud flare Argo tunnel with no port forward?
Hi Norbert, the tunnel is just that, a tunnel. It will not stop malicious IPs or brute force attacks, which we is where CrowdSec comes in.
So to answer your question, both!
I can't edit acquis.yml using code server, I get permission error. Also Authelia can't start returning an error that it has no permission to access /var/log/crowdsec. Weirdly enough, traefik doesn't have that issue. I'm following the unraid written guide.
You will have to make sure all the containers have the correct permissions. Code server May not have enough permissions to access files owned by root for example. The authelia container may not be able to edit files owned by root either. You will have to make sure everything has the right permissions to access everything properly
@@IBRACORP Thanks for the tip. I will look into it
Is this running in the proxmox server?
I believe it's the Ubuntu VM he set up in proxmox, yes.
@@ra1k_0 Yaya. That's what I meant. Thanks man!
Yeah, this is in a VM on the Proxmox server
@@IBRACORP can it be done as a docker container in proxmox CT (debian - docker)
after adding traefik settings to the compose files, composing and restarting i have no /mnt/user/appdata/traefik folder and also no logs or anything i could check from traefik to see if its composing right or running, portainer atleast says its healthy and running but with no logs whatsoever. i wonder why i get no logs nor directorys made by traefik ? im stuck at the tutorial at nano /mnt/user/appdata/traefik/traefik.yml because this directory does not exist. Shure i could create it but shouldnt it be there already from traefik ?
the only obvious error i get in the crowdsec logs:
time="26-12-2023 00:14:31" level=info msg="loading acquisition file : /etc/crowdsec/acquis.yaml"
time="26-12-2023 00:14:31" level=warning msg="No matching files for pattern /var/log/crowdsec/traefik.log" type=file
time="26-12-2023 00:14:31" level=info msg="Adding file /var/log/auth.log to datasources" type=file
time="26-12-2023 00:14:31" level=warning msg="No matching files for pattern /var/log/crowdsec/authelia.log" type=file
time="26-12-2023 00:14:31" level=info msg="Starting processing data"
time="26-12-2023 00:14:31" level=warning msg="/var/log/auth.log is a directory, ignoring it." type=file
it seems there are no logs there so i dont know why tbh and what to do, im on this for 4+ hours already