67 lines
1.8 KiB
Django/Jinja
67 lines
1.8 KiB
Django/Jinja
common:
|
|
daemonize: true
|
|
log_media: file
|
|
log_level: info
|
|
log_dir: /var/log/
|
|
log_max_size: 20
|
|
compress_logs: true
|
|
log_max_files: 10
|
|
working_dir: .
|
|
config_paths:
|
|
config_dir: /etc/crowdsec/
|
|
data_dir: /var/lib/crowdsec/data/
|
|
simulation_path: /etc/crowdsec/simulation.yaml
|
|
hub_dir: /var/lib/crowdsec/hub/
|
|
index_path: /var/lib/crowdsec/hub/.index.json
|
|
notification_dir: /etc/crowdsec/notifications/
|
|
plugin_dir: /usr/lib/crowdsec/plugins/
|
|
crowdsec_service:
|
|
acquisition_path: /etc/crowdsec/acquis.yaml
|
|
acquisition_dir: /etc/crowdsec/acquis.d
|
|
parser_routines: 1
|
|
cscli:
|
|
output: human
|
|
color: auto
|
|
db_config:
|
|
log_level: info
|
|
type: sqlite
|
|
db_path: /var/lib/crowdsec/data/crowdsec.db
|
|
#max_open_conns: 100
|
|
#user:
|
|
#password:
|
|
#db_name:
|
|
#host:
|
|
#port:
|
|
flush:
|
|
max_items: 5000
|
|
max_age: 7d
|
|
plugin_config:
|
|
user: nobody # plugin process would be ran on behalf of this user
|
|
group: nogroup # plugin process would be ran on behalf of this group
|
|
api:
|
|
client:
|
|
insecure_skip_verify: false
|
|
credentials_path: /etc/crowdsec/local_api_credentials.yaml
|
|
{% if node['name'] == 'fw' %}
|
|
server:
|
|
log_level: info
|
|
listen_uri: "[::]:8080"
|
|
profiles_path: /etc/crowdsec/profiles.yaml
|
|
console_path: /etc/crowdsec/console.yaml
|
|
online_client: # Central API credentials (to push signals and receive bad IPs)
|
|
credentials_path: /etc/crowdsec/online_api_credentials.yaml
|
|
trusted_ips: # IP ranges, or IPs which can have admin API access
|
|
- ::1
|
|
- 127.0.0.1
|
|
- {{ hostvars['fw']['network6']['subnet']['server'] }}
|
|
- {{ hostvars['fw']['network4']['subnet']['server'] }}
|
|
tls:
|
|
cert_file: /etc/crowdsec/ssl/crowdsec.crt
|
|
key_file: /etc/crowdsec/ssl/crowdsec.key
|
|
prometheus:
|
|
enabled: true
|
|
level: full
|
|
listen_addr: "[::]"
|
|
listen_port: 6060
|
|
{% endif %}
|