jasmin_shah

joined 1 year ago
 

I used to have a previous setup where I was exposing my *arr stack to the internet using wireguard to a VM, which had (traefik+crowdsec), then connected with Cloudflare. I had taken my sweet time to figure out a complete CrowdSec setup with Traefik logs, bouncers, and whatnot (it's been a couple of years, so I barely remember anything).

I recently completely migrated my stack to Cloudflare Tunnels, and it's such a bliss. But I am still wondering how I can protect my Ubuntu home server.

  1. Is something like this enough, which reads logs from journald and blocks bad actors through iptables? https://github.com/crowdsecurity/example-docker-compose/tree/main/journald Or does there need to be a bouncer as well?
  2. Do you recommend any other collections?
  3. How do I configure it to see the reports on the CrowdSec hub? As I don't want to spend my compute on running the dashboard.

I will be happy if anyone can share their existing configuration for a similar setup.

[–] [email protected] 1 points 1 year ago

Works surprisingly well, kudos!