viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

reenable crowdsec for nginx with 1 eybrow raised [ci skip]

Browse source
This commit is contained in:
Viktor Barzin 2024-01-06 22:03:38 +00:00
parent 89ca8cf989
commit e6642ea08d
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/kubernetes/nginx-ingress/main.tf
View file

@ -325,9 +325,9 @@ resource "kubernetes_config_map" "ingress_nginx_controller" {
setvar:tx.block_harvester_ip=1,\ setvar:tx.block_harvester_ip=1,\
setvar:tx.block_spammer_ip=1" setvar:tx.block_spammer_ip=1"
EOT EOT
# plugins = "crowdsec" # plugins = "crowdsec"
plugins = "" plugins = ""
lua-shared-dicts = "crowdsec_cache: 50m" lua-shared-dicts = "crowdsec_cache: 500m"
server-snippet : <<-EOT server-snippet : <<-EOT
lua_ssl_trusted_certificate "/etc/ssl/certs/ca-certificates.crt"; # Captcha lua_ssl_trusted_certificate "/etc/ssl/certs/ca-certificates.crt"; # Captcha
#resolver local=on ipv6=off valid=600s; #resolver local=on ipv6=off valid=600s;