beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Update index.md (#598)

Browse source 
A grammar updates on documentation.
This commit is contained in:
kingmilo 2021-02-03 11:22:50 +02:00 committed by GitHub
parent cb003ea347
commit 564c4155a8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
docs/v1.X/docs/localAPI/index.md
View file

@ -11,11 +11,11 @@ You can find the swagger documentation [here](https://crowdsecurity.github.io/ap
## Authentication
There is two kinds of authentication to the local API :
There are two kinds of authentication to the local API :
- {{v1X.bouncers.Name}} : they authenticate with a simple API key and can only read decisions
- Machines : they authenticate with a login&password and can not only read decisions, but create new ones
- Machines : they authenticate with a login&password and can not only read decisions, but create new ones too
### {{v1X.bouncers.Name}}
@ -30,17 +30,17 @@ and keep the generated API token to use it in your {{v1X.bouncers.Name}} configu
### Machines
To allow a machine to communicate with the local API, the machine need to be validated by an administrator of the local API.
To allow a machine to communicate with the local API, the machine needs to be validated by an administrator of the local API.
There is two ways to register a crowdsec to a local API.
There are two ways to register a crowdsec to a local API.
* You can create a machine directly on the API server that will be automatically validated, by running the following command on the server where the API is installed:
* You can create a machine directly on the API server that will be automatically validated by running the following command on the server where the API is installed:
```bash
$ sudo cscli machines add testMachine
```
If your crowdsec run on the same server that the local API, then your credentials file will be generated automatically, else you will have to copy/paste them in your remote crowdsec credentials file (`/etc/crowdsec/local_api_credentials.yaml`)
If your crowdsec runs on the same server as the local API, then your credentials file will be generated automatically, otherwise you will have to copy/paste them in your remote crowdsec credentials file (`/etc/crowdsec/local_api_credentials.yaml`)
* You can use `cscli` to register to the API server:
@ -55,13 +55,13 @@ sudo cscli machines validate <machineName>
```
!!! tips
You can use `cscli machines list` to list all the machines registered to the API, and view the ones that are not validated yet.
You can use `cscli machines list` to list all the machines registered to the API and view the ones that are not validated yet.
## Configuration
### Client
By default, `crowdsec` and `cscli` use `127.0.0.1:8080` as a default local API. But you might want to use a remote API and so configure a different endpoint for your api client.
By default, `crowdsec` and `cscli` use `127.0.0.1:8080` as the default local API. However you might want to use a remote API and configure a different endpoint for your api client.
#### Register to a remote API server
@ -87,16 +87,16 @@ $ sudo cscli machines validate <machineName>
#### Configure listen URL
If you want your local API to be used by a remote crowdsec, it is possible to modify the URL it listen on.
You just have to modify the [`listen_uri` option](/Crowdsec/v1/references/crowdsec-config/#listen_uri) in the main configuration file.
If you would like your local API to be used by a remote crowdsec you will need to modify the URL it listens on.
Modify the [`listen_uri` option](/Crowdsec/v1/references/crowdsec-config/#listen_uri) in the main configuration file.
Then see [how to configure your crowdsec to use a remote API](/Crowdsec/v1/localAPI/#register-to-a-remote-api-server).
#### Enable SSL
The most common use case of the local API is to listen on 127.0.0.1. In that case there's no need for
configuring any ssl layer. In some cases, the local API will listen for other crowdsec installation that
will report its triggered scenarios. In that case, the endpoint may be configured with ssl.
configuring any ssl layer. In some cases, the local API will listen for other crowdsec installations that
will report their triggered scenarios. In that case the endpoint may be configured with ssl.
You can see how to configure SSL on your local API [here](/Crowdsec/v1/references/crowdsec-config/#tls).