43 lines
1.6 KiB
YAML
43 lines
1.6 KiB
YAML
# values from - https://github.com/crowdsecurity/helm-charts/blob/main/charts/crowdsec/values.yaml
|
|
container_runtime: containerd
|
|
|
|
agent:
|
|
# To specify each pod you want to process it logs (pods present in the node)
|
|
acquisition:
|
|
# The namespace where the pod is located
|
|
- namespace: ingress-nginx
|
|
# The pod name
|
|
podName: ingress-nginx-controller-*
|
|
# as in crowdsec configuration, we need to specify the program name so the parser will match and parse logs
|
|
program: nginx
|
|
# Those are ENV variables
|
|
env:
|
|
# As it's a test, we don't want to share signals with CrowdSec so disable the Online API.
|
|
# - name: DISABLE_ONLINE_API
|
|
# value: "true"
|
|
# As we are running Nginx, we want to install the Nginx collection
|
|
- name: COLLECTIONS
|
|
value: "crowdsecurity/nginx"
|
|
lapi:
|
|
env:
|
|
# As it's a test, we don't want to share signals with CrowdSec, so disable the Online API.
|
|
# - name: DISABLE_ONLINE_API
|
|
# value: "true"
|
|
dashboard:
|
|
enabled: true
|
|
ingress:
|
|
enabled: true
|
|
annotations:
|
|
nginx.ingress.kubernetes.io/backend-protocol: "HTTP"
|
|
nginx.ingress.kubernetes.io/auth-url: "https://oauth2.viktorbarzin.me/oauth2/auth"
|
|
nginx.ingress.kubernetes.io/auth-signin: "https://oauth2.viktorbarzin.me/oauth2/start?rd=/redirect/$http_host$escaped_request_uri"
|
|
ingressClassName: "nginx"
|
|
host: "crowdsec.viktorbarzin.me"
|
|
tls:
|
|
- hosts:
|
|
- crowdsec.viktorbarzin.me
|
|
secretName: "tls-secret"
|
|
metrics:
|
|
enabled: true
|
|
strategy:
|
|
type: RollingUpdate
|