From 306aba48aa42b77994518e95a5085342e68a0de8 Mon Sep 17 00:00:00 2001 From: Marvin <127591405+Lokowitz@users.noreply.github.com> Date: Sat, 5 Apr 2025 17:43:54 +0200 Subject: [PATCH 1/7] Create traefik.yaml --- install/config/crowdsec/acquis.d/traefik.yaml | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 install/config/crowdsec/acquis.d/traefik.yaml diff --git a/install/config/crowdsec/acquis.d/traefik.yaml b/install/config/crowdsec/acquis.d/traefik.yaml new file mode 100644 index 00000000..11d9d0b8 --- /dev/null +++ b/install/config/crowdsec/acquis.d/traefik.yaml @@ -0,0 +1,5 @@ +poll_without_inotify: false +filenames: + - /var/log/traefik/*.log +labels: + type: traefik From 497736ef881a62fa33d85f52271baf62561c2d60 Mon Sep 17 00:00:00 2001 From: Marvin <127591405+Lokowitz@users.noreply.github.com> Date: Sat, 5 Apr 2025 17:44:20 +0200 Subject: [PATCH 2/7] Create appsec.yaml --- install/config/crowdsec/acquis.d/appsec.yaml | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 install/config/crowdsec/acquis.d/appsec.yaml diff --git a/install/config/crowdsec/acquis.d/appsec.yaml b/install/config/crowdsec/acquis.d/appsec.yaml new file mode 100644 index 00000000..2cebf9ee --- /dev/null +++ b/install/config/crowdsec/acquis.d/appsec.yaml @@ -0,0 +1,6 @@ +listen_addr: 0.0.0.0:7422 +appsec_config: crowdsecurity/appsec-default +name: myAppSecComponent +source: appsec +labels: + type: appsec From d310c64945dfa0acaf92dc171b64ec07ae3f5665 Mon Sep 17 00:00:00 2001 From: Marvin <127591405+Lokowitz@users.noreply.github.com> Date: Sat, 5 Apr 2025 17:44:38 +0200 Subject: [PATCH 3/7] Delete install/config/crowdsec/acquis.yaml --- install/config/crowdsec/acquis.yaml | 18 ------------------ 1 file changed, 18 deletions(-) delete mode 100644 install/config/crowdsec/acquis.yaml diff --git a/install/config/crowdsec/acquis.yaml b/install/config/crowdsec/acquis.yaml deleted file mode 100644 index 74d8fd1c..00000000 --- a/install/config/crowdsec/acquis.yaml +++ /dev/null @@ -1,18 +0,0 @@ -filenames: - - /var/log/auth.log - - /var/log/syslog -labels: - type: syslog ---- -poll_without_inotify: false -filenames: - - /var/log/traefik/*.log -labels: - type: traefik ---- -listen_addr: 0.0.0.0:7422 -appsec_config: crowdsecurity/appsec-default -name: myAppSecComponent -source: appsec -labels: - type: appsec \ No newline at end of file From 05d7a5e67ac400f5586860336e10466750d4fc15 Mon Sep 17 00:00:00 2001 From: Marvin <127591405+Lokowitz@users.noreply.github.com> Date: Sat, 5 Apr 2025 17:45:43 +0200 Subject: [PATCH 4/7] Update docker-compose.yml --- install/config/crowdsec/docker-compose.yml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/install/config/crowdsec/docker-compose.yml b/install/config/crowdsec/docker-compose.yml index 1a642ee8..20c69387 100644 --- a/install/config/crowdsec/docker-compose.yml +++ b/install/config/crowdsec/docker-compose.yml @@ -7,7 +7,6 @@ services: COLLECTIONS: crowdsecurity/traefik crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules ENROLL_INSTANCE_NAME: "pangolin-crowdsec" PARSERS: crowdsecurity/whitelists - ACQUIRE_FILES: "/var/log/traefik/*.log" ENROLL_TAGS: docker healthcheck: test: ["CMD", "cscli", "capi", "status"] @@ -18,13 +17,8 @@ services: - ./config/crowdsec:/etc/crowdsec # crowdsec config - ./config/crowdsec/db:/var/lib/crowdsec/data # crowdsec db # log bind mounts into crowdsec - - ./config/crowdsec_logs/auth.log:/var/log/auth.log:ro # auth.log - - ./config/crowdsec_logs/syslog:/var/log/syslog:ro # syslog - - ./config/crowdsec_logs:/var/log # crowdsec logs - ./config/traefik/logs:/var/log/traefik # traefik logs ports: - 6060:6060 # metrics endpoint for prometheus - expose: - - 6060 # metrics endpoint for prometheus restart: unless-stopped - command: -t # Add test config flag to verify configuration \ No newline at end of file + command: -t # Add test config flag to verify configuration From 6c9a5e373cb053fe8feec5e2e8cf278c87c24b27 Mon Sep 17 00:00:00 2001 From: Marvin <127591405+Lokowitz@users.noreply.github.com> Date: Sat, 5 Apr 2025 17:47:37 +0200 Subject: [PATCH 5/7] Update crowdsec.go --- install/crowdsec.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/crowdsec.go b/install/crowdsec.go index c545a90d..9fadadc6 100644 --- a/install/crowdsec.go +++ b/install/crowdsec.go @@ -25,7 +25,7 @@ func installCrowdsec(config Config) error { } os.MkdirAll("config/crowdsec/db", 0755) - os.MkdirAll("config/crowdsec_logs/syslog", 0755) + os.MkdirAll("config/crowdsec/acquis.d", 0755) os.MkdirAll("config/traefik/logs", 0755) if err := copyDockerService("config/crowdsec/docker-compose.yml", "docker-compose.yml", "crowdsec"); err != nil { From 8fda85695fea8217cfda5fdd40d732cfd1207c02 Mon Sep 17 00:00:00 2001 From: Owen Date: Sun, 6 Apr 2025 12:01:31 -0400 Subject: [PATCH 6/7] Add stale bot --- .github/workflows/stale-bot.yml | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 .github/workflows/stale-bot.yml diff --git a/.github/workflows/stale-bot.yml b/.github/workflows/stale-bot.yml new file mode 100644 index 00000000..90f7bc69 --- /dev/null +++ b/.github/workflows/stale-bot.yml @@ -0,0 +1,32 @@ +name: Mark and Close Stale Issues + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: # Allow manual trigger + +jobs: + stale: + runs-on: ubuntu-latest + steps: + - uses: actions/stale@v9 + with: + days-before-stale: 30 + days-before-close: 14 + stale-issue-message: 'This issue has been automatically marked as stale due to 30 days of inactivity. It will be closed in 14 days if no further activity occurs.' + close-issue-message: 'This issue has been automatically closed due to inactivity. If you believe this is still relevant, please open a new issue with up-to-date information.' + stale-issue-label: 'stale' + + exempt-issue-labels: 'needs investigating, networking, new feature, reverse proxy, bug, api, authentication, documentation, enhancement, help wanted, good first issue, question' + + exempt-all-issue-assignees: true + + only-labels: '' + exempt-pr-labels: '' + days-before-pr-stale: -1 + days-before-pr-close: -1 + + operations-per-run: 100 + remove-stale-when-updated: true + delete-branch: false + enable-statistics: true \ No newline at end of file From c2a7bba7264362793073887d22ca0a9fd0c7a6a6 Mon Sep 17 00:00:00 2001 From: Owen Date: Sun, 6 Apr 2025 12:04:42 -0400 Subject: [PATCH 7/7] Add permissions --- .github/workflows/stale-bot.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/workflows/stale-bot.yml b/.github/workflows/stale-bot.yml index 90f7bc69..79ad180b 100644 --- a/.github/workflows/stale-bot.yml +++ b/.github/workflows/stale-bot.yml @@ -5,6 +5,11 @@ on: - cron: '0 0 * * *' workflow_dispatch: # Allow manual trigger +permissions: + contents: write # only for delete-branch option + issues: write + pull-requests: write + jobs: stale: runs-on: ubuntu-latest