viktor/infra
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
infra/stacks/crowdsec
History
Exact
Viktor Barzin c92590ae85 crowdsec: roll firewall-bouncer cluster-wide (remove node2 validation pin) 
One-node validation on k8s-node2 passed: kernel nftables sets created in both
input and forward chains (policy accept), ~31k decisions loaded, a known banned
scanner confirmed in the drop set, pod stable 4h+ with no collateral. Remove the
nodeSelector so the DaemonSet runs on every node — direct-host enforcement now
survives a MetalLB VIP failover to any worker.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-21 00:07:45 +00:00
..
modules/crowdsec crowdsec: roll firewall-bouncer cluster-wide (remove node2 validation pin) 2026-06-21 00:07:45 +00:00
main.tf crowdsec: register kvsync + firewall bouncer keys in LAPI 2026-06-20 08:12:38 +00:00
secrets fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00
terragrunt.hcl fix: restore tree dropped by 6d224861; land stem95su gdrive-sync (10m) [ci skip] 2026-06-09 08:45:33 +00:00