viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add crowdsec policies for 403 and 429; use nginx to rate limit brute force attacks and then ban them [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2025-10-13 20:12:37 +00:00
parent ad093ec7e5
commit 13b7c880e5
No known key found for this signature in database
GPG key ID: 4056458DBDBF8863
4 changed files with 58 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

14
modules/kubernetes/crowdsec/values.yaml
View file

@ -18,6 +18,20 @@ agent:
# As we are running Nginx, we want to install the Nginx collection
- name: COLLECTIONS
value: "crowdsecurity/nginx"
# Mount custom scenarios into /etc/crowdsec/scenarios
extraVolumeMounts:
- name: custom-scenarios
mountPath: /etc/crowdsec/scenarios/http-403-abuse.yaml
subPath: "http-403-abuse.yaml"
readonly: true
- name: custom-scenarios
mountPath: /etc/crowdsec/scenarios/http-429-abuse.yaml
subPath: "http-429-abuse.yaml"
readonly: true
extraVolumes:
- name: custom-scenarios
configMap:
name: crowdsec-custom-scenarios
lapi:
replicas: 3
extraSecrets: