Jemmaan

config/docker/2024/homelab/compose/dc-traefik-bouncer.yml

@@ -0,0 +1,18 @@
+version: '3.9'
+services:
+  bouncer-traefik:
+    image: ${BT_IMAGE}:${BT_VERSION}
+    container_name: ${BT_CONTAINER_NAME}
+    restart: ${BT_RESTART_POLICY}
+    environment:
+      CROWDSEC_BOUNCER_API_KEY: eLmERq8vakeLcw6v7+ICdLSeU7UI//cvADz3EW0T7+g # docker exec -t crowdsec cscli bouncers add traefik-bouncer
+      CROWDSEC_AGENT_HOST: ${CROWDSEC_CONTAINER_NAME}:8080
+      GIN_MODE: release
+    networks:
+      - proxy
+      #proxy:
+        #ipv4_address: ${BT_IP} 
+#    depends_on:
+#      - crowdsec
+    security_opt:
+      - no-new-privileges:true

config/docker/2024/homelab/compose/socket-proxy.env

@@ -0,0 +1,33 @@
+
+#PORT=53000
+LOG_LEVEL=info # debug,info,notice,warning,err,crit,alert,emerg
+## Variables match the URL prefix (i.e. AUTH blocks access to /auth/* parts of the API, etc.).
+# 0 to revoke access.
+# 1 to grant access.
+## Granted by Default
+EVENTS=1
+PING=1
+VERSION=1
+#Revoked by Default
+# Security critical
+AUTH='0'
+SECRETS=0
+POST=1 # Watchtower
+# Not always needed
+BUILD=0
+COMMIT=0
+CONFIGS=0
+CONTAINERS=1 # Traefik, portainer, etc.
+DISTRIBUTION=0
+EXEC=1
+IMAGES=1 # Portainer
+INFO=1 # Portainer
+NETWORKS=1 # Portainer
+NODES=0
+PLUGINS=0
+SERVICES=1 # Portainer
+SESSION=0
+SWARM=0
+SYSTEM=0
+TASKS=1 # Portaienr
+VOLUMES=1 # Portainer