mirror of
https://github.com/JamesTurland/JimsGarage.git
synced 2024-11-22 07:50:19 +00:00
Delete Kubernetes/Traefik-Crowdsec-PiHole/Helm/CrowdSec/values.yaml
This commit is contained in:
tehNooB
GitHub
parent
012b8aefd6
commit
e7326a6308
1 changed files with 0 additions and 127 deletions
|
|
@ -1,127 +0,0 @@
|
|||
container_runtime: containerd
|
||||
# Here you can specify your own custom configuration to be loaded in crowdsec agent or lapi
|
||||
# Each config needs to be a multi-line using '|' in YAML specs
|
||||
# for the agent those configs will be loaded : parsers, scenarios, postoverflows, simulation.yaml
|
||||
# for the lapi those configs will be loaded : profiles.yaml, notifications, console.yaml
|
||||
config:
|
||||
profiles.yaml: |
|
||||
name: default_ip_remediation
|
||||
#debug: true
|
||||
filters:
|
||||
- Alert.Remediation == true && Alert.GetScope() == "Ip"
|
||||
decisions:
|
||||
- type: ban
|
||||
duration: 4h
|
||||
#duration_expr: Sprintf('%dh', (GetDecisionsCount(Alert.GetValue()) + 1) * 4)
|
||||
notifications:
|
||||
# - slack_default # Set the webhook in /etc/crowdsec/notifications/slack.yaml before enabling this.
|
||||
# - splunk_default # Set the splunk url and token in /etc/crowdsec/notifications/splunk.yaml before enabling this.
|
||||
- http_default # Set the required http parameters in /etc/crowdsec/notifications/http.yaml before enabling this.
|
||||
# - email_default # Set the required email parameters in /etc/crowdsec/notifications/email.yaml before enabling this.
|
||||
notifications:
|
||||
http.yaml: |
|
||||
type: http # Don't change
|
||||
name: http_default # Must match the registered plugin in the profile
|
||||
|
||||
# One of "trace", "debug", "info", "warn", "error", "off"
|
||||
log_level: info
|
||||
|
||||
# group_wait: # Time to wait collecting alerts before relaying a message to this plugin, eg "30s"
|
||||
# group_threshold: # Amount of alerts that triggers a message before <group_wait> has expired, eg "10"
|
||||
# max_retry: # Number of attempts to relay messages to plugins in case of error
|
||||
# timeout: # Time to wait for response from the plugin before considering the attempt a failure, eg "10s"
|
||||
|
||||
#-------------------------
|
||||
# plugin-specific options
|
||||
|
||||
# The following template receives a list of models.Alert objects
|
||||
# The output goes in the http request body
|
||||
format: |
|
||||
{{ range . -}}
|
||||
{{ $alert := . -}}
|
||||
{
|
||||
"extras": {
|
||||
"client::display": {
|
||||
"contentType": "text/markdown"
|
||||
}
|
||||
},
|
||||
"priority": 3,
|
||||
{{range .Decisions -}}
|
||||
"title": "{{.Type }} {{ .Value }} for {{.Duration}}",
|
||||
"message": "{{.Scenario}} \n\n[crowdsec cti](https://app.crowdsec.net/cti/{{.Value -}}) \n\n[shodan](https://shodan.io/host/{{.Value -}})"
|
||||
{{end -}}
|
||||
}
|
||||
{{ end -}}
|
||||
|
||||
# The plugin will make requests to this url, eg: https://www.example.com/
|
||||
url: https://gotify.your-domain.co.uk/message # change this to your domain
|
||||
|
||||
# Any of the http verbs: "POST", "GET", "PUT"...
|
||||
method: POST
|
||||
|
||||
headers:
|
||||
X-Gotify-Key: SDFjsdfkjsdfsdjf # Add Gotify key here
|
||||
Content-Type: application/json
|
||||
skip_tls_verification: true
|
||||
tls:
|
||||
enabled: true
|
||||
bouncer:
|
||||
reflector:
|
||||
namespaces: ["traefik"]
|
||||
agent:
|
||||
tolerations:
|
||||
- key: node-role.kubernetes.io/control-plane
|
||||
operator: Equal
|
||||
effect: NoSchedule
|
||||
# Specify each pod whose logs you want to process
|
||||
acquisition:
|
||||
# The namespace where the pod is located
|
||||
- namespace: traefik
|
||||
# The pod name
|
||||
podName: traefik-*
|
||||
# as in crowdsec configuration, we need to specify the program name to find a matching parser
|
||||
program: traefik
|
||||
env:
|
||||
- name: PARSERS
|
||||
value: "crowdsecurity/cri-logs crowdsecurity/whitelists"
|
||||
- name: COLLECTIONS
|
||||
value: "crowdsecurity/linux crowdsecurity/traefik crowdsecurity/home-assistant LePresidente/authelia Dominic-Wagner/vaultwarden crowdsecurity/unifi"
|
||||
# When testing, allow bans on private networks
|
||||
#- name: DISABLE_PARSERS
|
||||
# value: "crowdsecurity/whitelists"
|
||||
persistentVolume:
|
||||
config:
|
||||
enabled: false
|
||||
nodeSelector:
|
||||
worker: "true"
|
||||
image:
|
||||
pullPolicy: Always
|
||||
lapi:
|
||||
dashboard:
|
||||
enabled: false
|
||||
ingress:
|
||||
host: dashboard.local
|
||||
enabled: true
|
||||
persistentVolume:
|
||||
config:
|
||||
enabled: true
|
||||
resources:
|
||||
limits:
|
||||
memory: 200Mi
|
||||
requests:
|
||||
cpu: 250m
|
||||
memory: 200Mi
|
||||
env:
|
||||
# For an internal test, disable the Online API
|
||||
- name: DISABLE_ONLINE_API
|
||||
value: "false"
|
||||
- name: ENROLL_KEY
|
||||
value: "ADD-YOUR-KEY-HERE"
|
||||
- name: ENROLL_INSTANCE_NAME
|
||||
value: "k3s_cluster"
|
||||
- name: ENROLL_TAGS
|
||||
value: "homelab"
|
||||
nodeSelector:
|
||||
worker: "true"
|
||||
image:
|
||||
pullPolicy: Always
|
||||
Loading…
Reference in a new issue