feat(Traefik): Add Crowdsec Bouncer Questions for SCALE (#19565)
**Description** Trains got renamed by the time I finished this PR, so need whenever to check the Q's whenever ⚒️ Fixes # <!--(issue)--> **⚙️ Type of change** - [ ] ⚙️ Feature/App addition - [ ] 🪛 Bugfix - [ ] ⚠️ Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] 🔃 Refactor of current code **🧪 How Has This Been Tested?** <!-- Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration --> **📃 Notes:** <!-- Please enter any other relevant information here --> **✔️ Checklist:** - [ ] ⚖️ My code follows the style guidelines of this project - [ ] 👀 I have performed a self-review of my own code - [ ] #️⃣ I have commented my code, particularly in hard-to-understand areas - [ ] 📄 I have made corresponding changes to the documentation - [ ] ⚠️ My changes generate no new warnings - [ ] 🧪 I have added tests to this description that prove my fix is effective or that my feature works - [ ] ⬆️ I increased versions for any altered app according to semantic versioning - [ ] I made sure the title starts with `feat(chart-name):`, `fix(chart-name):` or `chore(chart-name):` **➕ App addition** If this PR is an app addition please make sure you have done the following. - [ ] 🖼️ I have added an icon in the Chart's root directory called `icon.png` --- _Please don't blindly check all the boxes. Read them and only check those that apply. Those checkboxes are there for the reviewer to see what is this all about and the status of this PR with a quick glance._ --------- Signed-off-by: Kjeld Schouten <info@kjeldschouten.nl> Co-authored-by: Kjeld Schouten <kjeld@schouten-lebbing.nl>
This commit is contained in:
StevenMcElligott
GitHub
parent
6f0b914a8b
commit
bac09a0eb2
|
|
@ -36,4 +36,4 @@ sources:
|
|||
- https://github.com/truecharts/charts/tree/master/charts/premium/traefik
|
||||
- https://github.com/truecharts/containers/tree/master/apps/traefik
|
||||
type: application
|
||||
version: 26.9.3
|
||||
version: 26.9.4
|
||||
|
|
|
|||
|
|
@ -198,6 +198,7 @@ questions:
|
|||
# Include{geoBlockMiddleware}
|
||||
# Include{addPrefixMiddleware}
|
||||
# Include{modsecurityMiddleware}
|
||||
# Include{crowdsecMiddleware}
|
||||
- variable: service
|
||||
group: "Networking and Services"
|
||||
label: "Configure Service Entrypoint"
|
||||
|
|
|
|||
|
|
@ -0,0 +1,152 @@
|
|||
- variable: bouncer
|
||||
label: "Crowdsec Bouncer (experimental)"
|
||||
schema:
|
||||
type: list
|
||||
default: []
|
||||
items:
|
||||
- variable: crowdsecEntry
|
||||
label: ""
|
||||
schema:
|
||||
additional_attrs: true
|
||||
type: dict
|
||||
attrs:
|
||||
- variable: name
|
||||
label: Name
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
- variable: logLevel
|
||||
label: Log Verbosity Level
|
||||
description: How description the logs are, from info to debug.
|
||||
schema:
|
||||
type: string
|
||||
required: true
|
||||
default: info
|
||||
enum:
|
||||
- value: INFO
|
||||
description: info
|
||||
- value: WARNING
|
||||
description: warning
|
||||
- value: ERROR
|
||||
description: error
|
||||
- value: PANIC
|
||||
description: panic
|
||||
- value: DEBUG
|
||||
description: debug
|
||||
- value: FATAL
|
||||
description: fatal
|
||||
- variable: updateIntervalSeconds
|
||||
label: Update Interval in Seconds
|
||||
description:
|
||||
schema:
|
||||
type: int
|
||||
default: 60
|
||||
- variable: defaultDecisionSeconds
|
||||
label: Time to take Crowdsec Decisions in Seconds
|
||||
description:
|
||||
schema:
|
||||
type: int
|
||||
default: 60
|
||||
- variable: httpTimeoutSeconds
|
||||
label: HTTP Timeout in Seconds
|
||||
description:
|
||||
schema:
|
||||
type: int
|
||||
default: 10
|
||||
- variable: crowdsecMode
|
||||
label: Crowdsec Mode
|
||||
description:
|
||||
schema:
|
||||
type: string
|
||||
default: "live"
|
||||
- variable: crowdsecAppsecEnabled
|
||||
label: Crowdsec App Security
|
||||
description:
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: crowdsecAppsecHost
|
||||
label: Crowdsec App Security Host
|
||||
description: Enter Crowdsec App Host URL such as cowdsec:7432
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: crowdsecAppsecFailureBlock
|
||||
label: Crowdsec App Security Failure Block
|
||||
description:
|
||||
schema:
|
||||
type: boolean
|
||||
default: true
|
||||
- variable: crowdsecLapiHost
|
||||
label: Crowdsec App Lapi Host
|
||||
description: Enter Crowdsec LAPI Host URL such as cowdsec:8080
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: crowdsecLapiScheme
|
||||
label: Crowdsec App Lapi Scheme
|
||||
description: Enter Crowdsec LAPI HTTP Sheme
|
||||
schema:
|
||||
type: string
|
||||
default: "http"
|
||||
- variable: crowdsecLapiTLSInsecureVerify
|
||||
label: Crowdsec App Lapi TLS Insecure Verify
|
||||
description: Verifies if TLS is verfied
|
||||
schema:
|
||||
type: boolean
|
||||
default: false
|
||||
- variable: crowdsecCapiMachineId
|
||||
label: Crowdsec Capi Machine ID
|
||||
description: Enter Crowdsec CAPI Machine ID
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: crowdsecCapiMachinePassword
|
||||
label: Crowdsec Capi Machine Password
|
||||
description: Enter Crowdsec CAPI Machine Password
|
||||
schema:
|
||||
type: string
|
||||
private: true
|
||||
default: ""
|
||||
- variable: crowdsecCapiScenarios
|
||||
label: Crodsec Capi Scenarios
|
||||
description: Enter Crowdsec Capi Scenarios
|
||||
schema:
|
||||
type: list
|
||||
default: [["crowdsecurity/http-path-traversal-probing", "crowdsecurity/http-xss-probing", "crowdsecurity/http-generic-bf"]]
|
||||
items:
|
||||
- variable: crowdsecCapiScenariosEntry
|
||||
label: Crodsec Capi Scenarios Entry
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: forwardedHeadersTrustedIPs
|
||||
label: Crowdsec Forwarded Headers Trusted Ips
|
||||
description: Enter Crowdsec forwarded trusted helpers such as 10.0.10.23/32, 10.0.20.0/24
|
||||
schema:
|
||||
type: list
|
||||
default: []
|
||||
items:
|
||||
- variable: forwardedHeadersTrustedIPsEntry
|
||||
label: Crowdsec Forwarded Headers Trusted Ips Entry
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: clientTrustedIPs
|
||||
label: Crowdsec client Trusted Ips
|
||||
description: Enter Crowdsec client trusted IPs as 192.168.1.0/24
|
||||
schema:
|
||||
type: list
|
||||
default: []
|
||||
items:
|
||||
- variable: clientTrustedIPsEntry
|
||||
label: Crowdsec client Trusted Ips Entry
|
||||
schema:
|
||||
type: string
|
||||
default: ""
|
||||
- variable: forwardedHeadersCustomName
|
||||
label: Forward
|
||||
description: Enter Crowdsec CAPI Machine ID
|
||||
schema:
|
||||
type: string
|
||||
default: "X-Custom-Header"
|
||||
Loading…
Reference in New Issue