crowdsec-cloudflare-bouncer
crowdsec-cloudflare-bouncer
Docker app from mrslaw's Repository
Overview
A bouncer that syncs the decisions made by CrowdSec with CloudFlare's firewall. Manages multi user, multi account, multi zone setup. Supports IP, Country and AS scoped decisions.
Requirements
Create API token and set permisions
https://dash.cloudflare.com/profile/api-tokens
https://raw.githubusercontent.com/crowdsecurity/cs-cloudflare-bouncer/main/docs/assets/token_permissions.png
Obtain `crowdsec_lapi_key` from crowdsec terminal
`cscli -oraw bouncers add cloudflarebouncer`
Create `/crowdsec/bouncers` directory if it doesn't exist
`sudo mkdir /mnt/user/appdata/crowdsec/bouncers`
Create CF bouncer config using token(s), ex. `CLOUDFLARE_API_TOKEN1,CLOUDFLARE_API_TOKEN2`
`docker run --rm crowdsecurity/cloudflare-bouncer -g CLOUDFLARE_API_TOKEN /mnt/user/appdata/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml`
Review config and set `crowdsec_lapi_key` , `crowdsec_lapi_url` must be reachable by the container
`sudo nano /mnt/user/appdata/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml`
Start the container
https://dash.cloudflare.com/profile/api-tokens
https://raw.githubusercontent.com/crowdsecurity/cs-cloudflare-bouncer/main/docs/assets/token_permissions.png
Obtain `crowdsec_lapi_key` from crowdsec terminal
`cscli -oraw bouncers add cloudflarebouncer`
Create `/crowdsec/bouncers` directory if it doesn't exist
`sudo mkdir /mnt/user/appdata/crowdsec/bouncers`
Create CF bouncer config using token(s), ex. `CLOUDFLARE_API_TOKEN1,CLOUDFLARE_API_TOKEN2`
`docker run --rm crowdsecurity/cloudflare-bouncer -g CLOUDFLARE_API_TOKEN /mnt/user/appdata/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml`
Review config and set `crowdsec_lapi_key` , `crowdsec_lapi_url` must be reachable by the container
`sudo nano /mnt/user/appdata/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml`
Start the container
Runtime arguments
- Web UI
http://[IP]:[PORT:2112]/metrics- Network
bridge- Shell
sh- Privileged
- false
Template configuration
AppdataPathrw
- Target
- /etc/crowdsec
- Default
- /mnt/user/appdata/crowdsec/
PortPorttcp
- Target
- 2112
- Default
- 2112
- Value
- 2112
PUIDVariable
- Default
- 99
- Value
- 99
UMASKVariable
- Default
- 022
- Value
- 022
PGIDVariable
- Default
- 100
- Value
- 100
Categories
Download Statistics
396,924
Total Downloads
14,876
This Month
14,439
Avg / Month
Total Downloads Over Time
Loading chart...
Details
Repository
crowdsecurity/cloudflare-bouncer:latestLast Updated2024-09-16
First Seen2022-08-22
Run crowdsec-cloudflare-bouncer on Unraid.
crowdsec-cloudflare-bouncer is listed in Community Apps for Unraid OS. Explore Unraid to build a flexible home server, NAS, or homelab.