Crowdsec
docker-compose.yml
YAML
services:
crowdsec:
image: crowdsecurity/crowdsec
restart: unless-stopped
ports:
- "8080:8080"
- "6060:6060"
volumes:
- ./acquis.d:/etc/crowdsec/acquis.d
- ./crowdsec-db:/var/lib/crowdsec/data/
- /var/log:/var/log:ro
- /webapps/nginx-pm/data/logs:/log/npm:ro
- /webapps/docker-mail-server/data/dms/mail-logs:/log/dms:ro
environment:
# These collection contains parsers and scenarios for postfix and dovecot
COLLECTIONS: crowdsecurity/postfix crowdsecurity/dovecot crowdsecurity/sshd crowdsecurity/nginx-proxy-manager crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/iptables crowdsecurity/linux
TZ: Europe/Belgrade
- Recommended perisisting volumes
YAML
volumes:
- crowdsec-db:/var/lib/crowdsec/data/ ## Data Directory
- crowdsec-config:/etc/crowdsec/ ## Configuration Directory
Collecting logs
- dms.yml
docker mail server
- ssh.yaml
- npm.yaml