153 lines
6.7 KiB
YAML
153 lines
6.7 KiB
YAML
- variable: bouncer
|
|
label: "Crowdsec Bouncer (experimental)"
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: crowdsecEntry
|
|
label: ""
|
|
schema:
|
|
additional_attrs: true
|
|
type: dict
|
|
attrs:
|
|
- variable: name
|
|
label: Name
|
|
schema:
|
|
type: string
|
|
required: true
|
|
- variable: logLevel
|
|
label: Log Verbosity Level
|
|
description: How description the logs are, from info to debug.
|
|
schema:
|
|
type: string
|
|
required: true
|
|
default: info
|
|
enum:
|
|
- value: INFO
|
|
description: info
|
|
- value: WARNING
|
|
description: warning
|
|
- value: ERROR
|
|
description: error
|
|
- value: PANIC
|
|
description: panic
|
|
- value: DEBUG
|
|
description: debug
|
|
- value: FATAL
|
|
description: fatal
|
|
- variable: updateIntervalSeconds
|
|
label: Update Interval in Seconds
|
|
description:
|
|
schema:
|
|
type: int
|
|
default: 60
|
|
- variable: defaultDecisionSeconds
|
|
label: Time to take Crowdsec Decisions in Seconds
|
|
description:
|
|
schema:
|
|
type: int
|
|
default: 60
|
|
- variable: httpTimeoutSeconds
|
|
label: HTTP Timeout in Seconds
|
|
description:
|
|
schema:
|
|
type: int
|
|
default: 10
|
|
- variable: crowdsecMode
|
|
label: Crowdsec Mode
|
|
description:
|
|
schema:
|
|
type: string
|
|
default: "live"
|
|
- variable: crowdsecAppsecEnabled
|
|
label: Crowdsec App Security
|
|
description:
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: crowdsecAppsecHost
|
|
label: Crowdsec App Security Host
|
|
description: Enter Crowdsec App Host URL such as cowdsec:7432
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: crowdsecAppsecFailureBlock
|
|
label: Crowdsec App Security Failure Block
|
|
description:
|
|
schema:
|
|
type: boolean
|
|
default: true
|
|
- variable: crowdsecLapiHost
|
|
label: Crowdsec App Lapi Host
|
|
description: Enter Crowdsec LAPI Host URL such as cowdsec:8080
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: crowdsecLapiScheme
|
|
label: Crowdsec App Lapi Scheme
|
|
description: Enter Crowdsec LAPI HTTP Sheme
|
|
schema:
|
|
type: string
|
|
default: "http"
|
|
- variable: crowdsecLapiTLSInsecureVerify
|
|
label: Crowdsec App Lapi TLS Insecure Verify
|
|
description: Verifies if TLS is verfied
|
|
schema:
|
|
type: boolean
|
|
default: false
|
|
- variable: crowdsecCapiMachineId
|
|
label: Crowdsec Capi Machine ID
|
|
description: Enter Crowdsec CAPI Machine ID
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: crowdsecCapiMachinePassword
|
|
label: Crowdsec Capi Machine Password
|
|
description: Enter Crowdsec CAPI Machine Password
|
|
schema:
|
|
type: string
|
|
private: true
|
|
default: ""
|
|
- variable: crowdsecCapiScenarios
|
|
label: Crodsec Capi Scenarios
|
|
description: Enter Crowdsec Capi Scenarios
|
|
schema:
|
|
type: list
|
|
default: [["crowdsecurity/http-path-traversal-probing", "crowdsecurity/http-xss-probing", "crowdsecurity/http-generic-bf"]]
|
|
items:
|
|
- variable: crowdsecCapiScenariosEntry
|
|
label: Crodsec Capi Scenarios Entry
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: forwardedHeadersTrustedIPs
|
|
label: Crowdsec Forwarded Headers Trusted Ips
|
|
description: Enter Crowdsec forwarded trusted helpers such as 10.0.10.23/32, 10.0.20.0/24
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: forwardedHeadersTrustedIPsEntry
|
|
label: Crowdsec Forwarded Headers Trusted Ips Entry
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: clientTrustedIPs
|
|
label: Crowdsec client Trusted Ips
|
|
description: Enter Crowdsec client trusted IPs as 192.168.1.0/24
|
|
schema:
|
|
type: list
|
|
default: []
|
|
items:
|
|
- variable: clientTrustedIPsEntry
|
|
label: Crowdsec client Trusted Ips Entry
|
|
schema:
|
|
type: string
|
|
default: ""
|
|
- variable: forwardedHeadersCustomName
|
|
label: Forward
|
|
description: Enter Crowdsec CAPI Machine ID
|
|
schema:
|
|
type: string
|
|
default: "X-Custom-Header"
|