2025-04-10, 07:14 AM
(This post was last modified: 2025-04-21, 07:47 AM by Duvel. Edited 3 times in total.)
This thread is turning into a "how to protect Jellyfin with Crowdsec" :-)
First of all in your config, you need 2 different API keys, because you have 2 components locally:
The LAPI server
The Caddy Bouncer
1. Your LAPI server should be registered with Crowdesc central servers, and you use the API key provided on your crowdsec.org CP
2. Your Caddy Bouncer should be registered with your LAPI server. It looks like you are stuck on that one.
In order to register your bouncer to your LAPI, you need to use the crowdsec CLI using cscli commands ( https://docs.crowdsec.net/docs/cscli/ )
If you have a normal install, you just do:
If you have a docker container, then you should do :
Where "crowdsec-cotainer" is the name of your LAPI container, adapt.
Example : list the machines
Next, list the bouncers:
I believe you are stuck there, and your list is probably empty. You have not added your caddy bouncer, which should have generated an API key for your bouncer to connect to the LAPI.
To register your caddy bouncer, use the <cscli bouncers add caddy-bouncer> command:
This is the API key that you should specify in your CaddyFile, there:
SERVICE-KEY-API-FROM-CROWDSEC-CONSOLE-SETTINGS
Once Caddyfile is adapted, restart caddy.
And then recheck your bouncers list and status with cscli bouncers list
--> You should now see your caddy-bouncer connected
First of all in your config, you need 2 different API keys, because you have 2 components locally:
The LAPI server
The Caddy Bouncer
1. Your LAPI server should be registered with Crowdesc central servers, and you use the API key provided on your crowdsec.org CP
2. Your Caddy Bouncer should be registered with your LAPI server. It looks like you are stuck on that one.
In order to register your bouncer to your LAPI, you need to use the crowdsec CLI using cscli commands ( https://docs.crowdsec.net/docs/cscli/ )
If you have a normal install, you just do:
Code:
sudo cscli <commands>If you have a docker container, then you should do :
Code:
sudo docker exec crowdsec-container cscli <command>Example : list the machines
Code:
tom@cerbere:/opt/caddy$ sudo docker exec crowdsec cscli machines list
[sudo] password for tom:
-------------------------------------------------------------------------------------------------------------------------------
Name IP Address Last Update Status Version OS Auth Type Last Heartbeat
-------------------------------------------------------------------------------------------------------------------------------
localhost 127.0.0.1 2025-04-10T06:38:05Z ✔️ v1.6.8-f209766e Alpine Linux (docker)/3.21.3 password 39s
-------------------------------------------------------------------------------------------------------------------------------Code:
tom@cerbere:/opt/caddy$ sudo docker exec crowdsec cscli bouncers list
---------------------------------------------------------------------------------------------------------
Name IP Address Valid Last API pull Type Version Auth Type
---------------------------------------------------------------------------------------------------------
caddy-bouncer@172.21.0.1 172.21.0.1 ✔️ 2025-04-10T06:49:58Z caddy-cs-bouncer v0.8.1 api-key
---------------------------------------------------------------------------------------------------------I believe you are stuck there, and your list is probably empty. You have not added your caddy bouncer, which should have generated an API key for your bouncer to connect to the LAPI.
To register your caddy bouncer, use the <cscli bouncers add caddy-bouncer> command:
Code:
$ sudo docker exec crowdsec cscli bouncers add caddy-bouncer
API key for 'caddy-bouncer':
Q8iKI+FuQc7SGG2vXQWx7WMpxKeGj2UA0Baw5lUf5Zc
Please keep this key since you will not be able to retrieve it!This is the API key that you should specify in your CaddyFile, there:
SERVICE-KEY-API-FROM-CROWDSEC-CONSOLE-SETTINGS
Once Caddyfile is adapted, restart caddy.
And then recheck your bouncers list and status with cscli bouncers list
--> You should now see your caddy-bouncer connected