From 292dcbe9095fc40e830d7cd0216fe631810c0aaf Mon Sep 17 00:00:00 2001 From: Timo Behrendt Date: Sun, 28 Dec 2025 09:48:33 +0100 Subject: [PATCH] feat: add crowdsec --- crowdsec/helmfile.yaml | 12 ++++++++++++ crowdsec/values.yaml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 crowdsec/helmfile.yaml create mode 100644 crowdsec/values.yaml diff --git a/crowdsec/helmfile.yaml b/crowdsec/helmfile.yaml new file mode 100644 index 0000000..8c390a7 --- /dev/null +++ b/crowdsec/helmfile.yaml @@ -0,0 +1,12 @@ +repositories: + - name: crowdsec + url: https://crowdsecurity.github.io/helm-charts + +releases: + - name: crowdsec + namespace: kube-system + createNamespace: false + chart: crowdsec/crowdsec + version: 0.20.0 + values: + - values.yaml diff --git a/crowdsec/values.yaml b/crowdsec/values.yaml new file mode 100644 index 0000000..abc842f --- /dev/null +++ b/crowdsec/values.yaml @@ -0,0 +1,35 @@ +container_runtime: containerd + +agent: + enabled: true + acquisition: + - namespace: kube-system + podName: traefik-* + program: traefik + metrics: + enabled: false + +lapi: + enabled: true + replicas: 1 + metrics: + enabled: true + persistentVolume: + data: + enabled: true + size: 1Gi + config: + enabled: true + size: 100Mi + +config: + config.yaml.local: | + api: + server: + auto_registration: + enabled: true + token: "${REGISTRATION_TOKEN}" + allowed_ranges: + - "10.0.0.0/8" + - "172.16.0.0/12" + - "192.168.0.0/16"