mjallen/nix-config
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Files
751b4f9f6933fdd3193d8e8c2a02e73c844bb5e7
nix-config/modules/nixos/services/crowdsec/default.nix
mjallen18 751b4f9f69 test
2025-09-30 18:29:34 -05:00

79 lines
1.7 KiB
Nix
Executable File
Raw Blame History

{
config,
lib,
namespace,
...
}:
let
cfg = config.${namespace}.services.crowdsec;
in
{
imports = [ ./options.nix ];
config = lib.mkIf cfg.enable {
services = {
crowdsec = {
enable = true;
openFirewall = true;
hub = {
appSecConfigs = [
"crowdsecurity/appsec-default"
];
appSecRules = [
"crowdsecurity/base-config"
];
collections = [
"crowdsecurity/linux"
"crowdsecurity/traefik"
"firix/authentik"
];
parsers = [
"crowdsecurity/sshd-logs"
];
postOverflows = [
"crowdsecurity/auditd-nix-wrappers-whitelist-process"
];
scenarios = [
"crowdsecurity/ssh-bf"
];
};
localConfig = {
acquisitions = [
{
journalctl_filter = [
"_SYSTEMD_UNIT=sshd.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
{
journalctl_filter = [
"_SYSTEMD_UNIT=traefik.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
{
journalctl_filter = [
"_SYSTEMD_UNIT=authentik.service"
];
labels = {
type = "syslog";
};
source = "journalctl";
}
];
};
settings = {
# general.api.server.enable = true;
capi.credentialsFile = cfg.apiKey;
};
};
};
};
}
Reference in New Issue View Git Blame Copy Permalink