diff --git a/configuration/default.nix b/configuration/default.nix
index 8dddf76..d4c422f 100644
--- a/configuration/default.nix
+++ b/configuration/default.nix
@@ -18,6 +18,7 @@
 ./services/backups.nix
 ./services/battery-manager.nix
 ./services/conduit.nix
+ ./services/crowdsec.nix
 ./services/foundryvtt.nix
 ./services/gitea.nix
 ./services/metrics
diff --git a/configuration/services/crowdsec.nix b/configuration/services/crowdsec.nix
new file mode 100644
index 0000000..a9c790c
--- /dev/null
+++ b/configuration/services/crowdsec.nix
@@ -0,0 +1,26 @@
+{ pkgs, ... }:
+{
+ services.crowdsec = {
+ enable = true;
+
+ parserWhitelist = [
+ "1.64.239.213"
+ ];
+
+ settings.crowdsec_service.acquisition_path = pkgs.writeText "crowdsec-acquisitions.yaml" ''
+ ---
+ source: journalctl
+ journalctl_filter:
+ - "SYSLOG_IDENTIFIER=Nextcloud"
+ labels:
+ type: syslog
+ ---
+ source: journalctl
+ journalctl_filter:
+ - "SYSLOG_IDENTIFIER=sshd-service"
+ labels:
+ type: syslog
+ ---
+ '';
+ };
+}
diff --git a/configuration/services/metrics/victoriametrics.nix b/configuration/services/metrics/victoriametrics.nix
index 710cf70..4ed2773 100644
--- a/configuration/services/metrics/victoriametrics.nix
+++ b/configuration/services/metrics/victoriametrics.nix
@@ -10,6 +10,7 @@
 extraSettings.authorization.credentials_file = config.sops.secrets."forgejo/metrics-token".path;
 };
 coturn.targets = [ "127.0.0.1:9641" ];
+ crowdsec.targets = [ "127.0.0.1:6060" ];
 };
 };
 }
diff --git a/modules/crowdsec.nix b/modules/crowdsec.nix
index b283e6f..1f3ffea 100644
--- a/modules/crowdsec.nix
+++ b/modules/crowdsec.nix
@@ -200,7 +200,10 @@ in
 ];
 environment = {
- systemPackages = [ cscli ];
+ systemPackages = [
+ # TODO(tlater): Figure out a way to get completions to work
+ cscli
+ ];
 etc."crowdsec/config.yaml".source = settingsFormat.generate "crowdsec-settings.yaml" cfg.settings;
 };
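Review bot: In the new `configuration/services/crowdsec.nix`, `parserWhitelist` carries the bare address `1.64.239.213` with no comment saying whose it is or why it is exempt. Presumably every event from that address is dropped before the Nextcloud and sshd scenarios see it, so whoever holds the address is invisible to detection for as long as the entry stays. A comment above the entry, e.g. `# <owner / purpose of this address>; re-check if the address is dynamically assigned`, would let a later reviewer judge whether the exemption is still justified. Separately, the second acquisition filters on `SYSLOG_IDENTIFIER=sshd-service`; if the SSH daemon on this host logs under a different identifier the filter matches nothing and SSH detection fails silently, so it is worth confirming the value against the journal and recording that in a comment. The trailing `---` before `'';` also leaves an empty final YAML document, which looks unintentional.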