docker-compose.yaml
version: "3.8"
services:
traefik:
image: "traefik:v2.5"
container_name: "traefik"
command:
# - "--log.level=DEBUG"
- "--api.insecure=true"
- "--providers.docker=true"
- "--providers.docker.exposedbydefault=false"
- "--entrypoints.web.address=:80"
volumes:
# - "/var/run/docker.sock:/var/run/docker.sock:ro" # Docker standard mode
- "/run/user/1000/docker.sock:/var/run/docker.sock:ro" # Docker in rootless mode
network_mode: host
whoami:
image: traefik/whoami
container_name: "simple-service"
labels:
# Create bouncer middleware
- "traefik.http.middlewares.crowdsec-bouncer.forwardauth.address=http://127.0.0.1:8081/api/v1/forwardAuth"
- "traefik.http.middlewares.crowdsec-bouncer.forwardauth.trustForwardHeader=true"
# Traefik routing to this service
- "traefik.enable=true"
- "traefik.http.routers.whoami.rule=Host(`localhost`, `192.168.1.80`)"
- "traefik.http.routers.whoami.entrypoints=web"
- "traefik.http.routers.whoami.middlewares=crowdsec-bouncer@docker"
crowdsec:
image: crowdsecurity/crowdsec:v1.2.0
environment:
COLLECTIONS: "crowdsecurity/nginx"
GID: "${GID-1000}"
depends_on:
- 'traefik'
volumes:
- ./crowdsec/acquis.yaml:/etc/crowdsec/acquis.yaml
- logs:/var/log/nginx
- crowdsec-db:/var/lib/crowdsec/data/
- crowdsec-config:/etc/crowdsec/
ports:
- "8083:8080"
# dashboard:
# build: ./crowdsec/dashboard
# ports:
# - 3000:3000
# environment:
# MB_DB_FILE: /data/metabase.db
# MGID: "${GID-1000}"
# depends_on:
# - 'crowdsec'
# volumes:
# - crowdsec-db:/metabase-data/
## networks:
## crowdsec_test:
## ipv4_address: 172.20.0.5
# # credentials: crowdsec@crowdsec.net and !!Cr0wdS3c_M3t4b4s3??
volumes:
logs:
crowdsec-db:
crowdsec-config: