Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    erenJag
    @erenJag

    Hi @hslatman,

    Thanks for your contribution on the project, as you can see already added in the Hub :smiley:.
    We'll test it soon and give you a feedback, don't forget to add pre-release or release if you consider the code stable.

    Herman Slatman
    @hslatman
    Will keep that in mind
    Adding some tests is also high on my list
    Thibault "bui" Koechlin
    @buixor
    sounds great
    ryogasp
    @ryogasp:matrix.org
    [m]

    I can't get around this, does anyone has a clue ?

    gaspard@barebone:/var/lib/crowdsec/data$ sudo cscli dashboard setup --listen 0.0.0.0
    INFO[0000] /var/lib/crowdsec/data/metabase.db exists, skip.
    INFO[0000] Pulling docker image metabase/metabase:v0.37.0.2
    ...
    INFO[0001] creating container '/crowdsec-metabase'
    FATA[0001] container create: failed to create container : Error response from daemon: invalid mount config for type "bind": bind source path does not exist: /var/lib/crowdsec/data

    What sounds wrong is that /var/lib/crowdsec/data/metabase.db exists, but docker complains that
    source path does not exist: /var/lib/crowdsec/data
    Thibault "bui" Koechlin
    @buixor
    Hello @ryogasp:matrix.org :)
    ryogasp
    @ryogasp:matrix.org
    [m]
    could it be because /var/lib/crowdsec/data belongs to root ?
    or is it because I used snap install for docker?
    Thibault "bui" Koechlin
    @buixor
    yes it sounds likely
    I mean sorry
    For metabase (in version 1.0.6+) the cscli tool will ask to be allowed to create a group, so that metabase doesn't have to run as root, but can still access the SQLite file
    ah but you sudo so no reason it would fail
    what version are you using ?
    ryogasp
    @ryogasp:matrix.org
    [m]
    oh, I remember seeing a pull request with this change recently, i am running version: v1.0.2-b79c897d99cf18c031846398d01bbec7f7d79c3d
    Thibault "bui" Koechlin
    @buixor
    ooh
    ah
    can you show me the perms on your SQLite file ? :)
    (we can switch to PM if you want to avoid spamming the chan)
    ryogasp
    @ryogasp:matrix.org
    [m]
    I am reproducing this issue with latest version (v1.0.7) even after accepting to create the crowdsec group
    Thibault "bui" Koechlin
    @buixor
    what OS are you running ? so we can try to reproduce :)
    ryogasp
    @ryogasp:matrix.org
    [m]
    nothing fancy: Ubuntu 20.04.1 LTS with docker 19.03.13 installed via snap
    Thibault "bui" Koechlin
    @buixor
    nothing too fancy indeed :/ you just installed crowdsec and then directly tried to deploy the dashboard ? or you had some kind of customizations ?
    ryogasp
    @ryogasp:matrix.org
    [m]
    installed crowdsec in december, added a few "receipies" (such as sshd), tried to have the dashboard and gave up.
    today, I upgraded the binary using the wizard, retried, still having the same issue
    erenJag
    @erenJag

    Hi @ryogasp:matrix.org,

    Could you please try to remove the metabase DB and retry :

    sudo cscli dashboard remove
    sudo cscli dashboard setup --listen 0.0.0.0
    ryogasp
    @ryogasp:matrix.org
    [m]
    thanks, but nope, exact same error
    Thibault "bui" Koechlin
    @buixor
    I will try to reproduce, but I had the same setup, except for the docker version
    ryogasp
    @ryogasp:matrix.org
    [m]
    Any news buixor (Thibault "bui" Koechlin) ? should I open a thread on discourse so it could be indexable by search engines ?
    Thibault "bui" Koechlin
    @buixor
    Hello ! @ryogasp:matrix.org sorry I didn't had time to manage to reproduce it
    would you mind opening an issue on github ? else I'll keep you posted when I have time to try it
    ryogasp
    @ryogasp:matrix.org
    [m]
    Thibault "bui" Koechlin
    @buixor
    ah, it might make sense, I never tried with non docker-ce
    ryogasp
    @ryogasp:matrix.org
    [m]
    which is now docker.io, right ?
    Thibault "bui" Koechlin
    @buixor
    docker-ce is the version you grab from docker.com (or their repo), and I think docker.io is the version packaged by distribution maintainers yes (from my understanding at least :D )
    Maxence
    @Maxence1502
    image.png
    Hello! I have a lot of decisions caused by Cloudfare, I'm using Cloudfare for my DNS. Is it normal ?
    Thibault "bui" Koechlin
    @buixor
    Hello
    no this is not normal, what scenarios have been triggered ?
    if you are doing web and are using them as CDN, you should use https://hub.crowdsec.net/author/crowdsecurity/collections/whitelist-good-actors as well
    this will avoid banning CDN or SEO stuff (I guess we should make this a default in web-related collections)
    Maxence
    @Maxence1502
    On peut le faire en français, ça sera plus simple :)
    C'est le http-bad-user-agent qui est trigger
    image.png
    Thibault "bui" Koechlin
    @buixor
    mh ca a pas l'air tip-top
    tu saurais me sortir des logs des ips associes ?
    (par contre je risque de devoir afk sous peu, donc ptet en pv pour pas perdre trace/polluer)
    Maxence
    @Maxence1502
    Comment je peux faire ça ?
    J'ai setup le whitelist-good-actors, est-ce qu'il y a une configuration particulière à faire ?
    Crowd-security
    @Crowd-security
    Non, ça va juste éviter les bans futurs sur les ips etc éligibles
    Maxence
    @Maxence1502
    D'accord, donc normalement il ne devrait plus y avoir les IPs de Cloudfare dans les prochaines décisions ?