Comment on Suggestions for crowdsec + caddy + docker setup
just_another_person@lemmy.world 4 days ago
You only need Crowdsec to monitor the exposed service ports. If Authentik is exposed, and has a Crowdsec plugin, then add it. Otherwise, you’re just wasting resources having it watch things it can’t take action.
If you just need something to consolidate logs where you can watch them, use a centralized logging tool for that job.
whysofurious@lemmy.dbzer0.com 4 days ago
Thanks for the answer :) make sense, I will go through with the plugins for the services I have exposed, although not all of them have crowdsec collections.
just_another_person@lemmy.world 4 days ago
You can easily create custom rules and bouncers if needed for something specific as well. They’re templatized for the most part. Possibly even something a stupid AI could kick out, but make sure you know what it’s doing, and don’t trust it outright.
whysofurious@lemmy.dbzer0.com 3 days ago
Thanks for the input, yes I was mostly thinking about hedgedoc, that doesn’t have parsers or anything. I need to delve more into crowdsec logic and rules before trying to do my own thing, for sure. Thanks a lot tough, I followed your advice and I got Crowdsec working on both Authentik and Forgejo :)