From 3309633c56c69db25247c16c9c725541716b7825 Mon Sep 17 00:00:00 2001
From: jabertwo <git@jabertwo.de>
Date: Wed, 26 Jul 2023 22:21:45 +0200
Subject: [PATCH] crowdsec vorbereitungen

---
 .../templates/crowdsec/dashboard/Dockerfile   |  3 ++
 common/crowdsec/templates/docker-compose.yml  | 39 +++++++++++++++++++
 2 files changed, 42 insertions(+)
 create mode 100644 common/crowdsec/templates/crowdsec/dashboard/Dockerfile
 create mode 100644 common/crowdsec/templates/docker-compose.yml

diff --git a/common/crowdsec/templates/crowdsec/dashboard/Dockerfile b/common/crowdsec/templates/crowdsec/dashboard/Dockerfile
new file mode 100644
index 00000000..b8930011
--- /dev/null
+++ b/common/crowdsec/templates/crowdsec/dashboard/Dockerfile
@@ -0,0 +1,3 @@
+FROM metabase/metabase:v0.46.6.2
+
+RUN mkdir /data/ && wget https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/metabase_sqlite.zip && unzip metabase_sqlite.zip -d /data/
\ No newline at end of file
diff --git a/common/crowdsec/templates/docker-compose.yml b/common/crowdsec/templates/docker-compose.yml
new file mode 100644
index 00000000..3ab2d8c8
--- /dev/null
+++ b/common/crowdsec/templates/docker-compose.yml
@@ -0,0 +1,39 @@
+version: '3'
+
+services:
+  app:
+    image: crowdsecurity/crowdsec:v1.5.2
+    healthcheck:
+      test: ["CMD", "cscli", "version"]
+      interval: 20s
+      timeout: 2s
+      retries: 5
+      start_period: 10s
+    ports:
+      - "127.0.0.1:8080:8080"
+    environment:
+      COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/iptables crowdsecurity/linux crowdsecurity/nginx crowdsecurity/sshd"
+      GID: "${GID-1000}"
+      CUSTOM_HOSTNAME: dSHB
+    volumes:
+      - /etc/localtime:/etc/localtime:ro  
+      - /var/log:/var/log:ro
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+      - /var/run/systemd/journal/socket:/var/run/systemd/journal/socket:ro
+      - {{ basedir }}/appdata/crowdsec/data:/var/lib/crowdsec/data
+      - {{ basedir }}/appdata/crowdsec/config:/etc/crowdsec
+      - {{ basedir }}/crowdsec-db:
+  
+  dashboard:
+    build: ./crowdsec/dashboard
+    restart: always
+    environment:
+      MB_DB_FILE: /data/metabase.db
+      MGID: "${GID-1000}"
+    labels:
+      - traefik.enable=true
+      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
+      - traefik.http.routers.{{ servicename }}.entrypoints=websecure
+      - traefik.http.services.{{ servicename }}.loadbalancer.server.port=3000
+    volumes:
+      - crowdsec-db:/metabase-data/
\ No newline at end of file
-- 
GitLab