add deployment for crowdsec web dashboard that allows unblocking my ips [ci skip]

2025-10-14 20:08:43 +00:00 · 2025-10-14 20:08:43 +00:00 · f9167965d2
commit f9167965d2
parent 9acdcc7fe4
5 changed files with 121 additions and 6 deletions
--- a/modules/kubernetes/main.tf
+++ b/modules/kubernetes/main.tf
@ -55,6 +55,9 @@ variable "ingress_crowdsec_captcha_secret_key" {}
 variable "ingress_crowdsec_captcha_site_key" {}
 variable "crowdsec_enroll_key" { type = string }
 variable "crowdsec_db_password" { type = string }
+variable "crowdsec_dash_api_key" { type = string }
+variable "crowdsec_dash_machine_id" { type = string }
+variable "crowdsec_dash_machine_password" { type = string }
 variable "vaultwarden_smtp_password" {}
 variable "resume_database_url" {}
 variable "resume_redis_url" {}
@ -428,12 +431,15 @@ module "nginx-ingress" {
 }

 module "crowdsec" {
-  source            = "./crowdsec"
-  tls_secret_name   = var.tls_secret_name
-  homepage_username = var.homepage_credentials["crowdsec"]["username"]
-  homepage_password = var.homepage_credentials["crowdsec"]["password"]
-  enroll_key        = var.crowdsec_enroll_key
-  db_password       = var.crowdsec_db_password
+  source                         = "./crowdsec"
+  tls_secret_name                = var.tls_secret_name
+  homepage_username              = var.homepage_credentials["crowdsec"]["username"]
+  homepage_password              = var.homepage_credentials["crowdsec"]["password"]
+  enroll_key                     = var.crowdsec_enroll_key
+  db_password                    = var.crowdsec_db_password
+  crowdsec_dash_api_key          = var.crowdsec_dash_api_key
+  crowdsec_dash_machine_id       = var.crowdsec_dash_machine_id
+  crowdsec_dash_machine_password = var.crowdsec_dash_machine_password
 }

 # Seems like it needs S3 even if pg is local...