No description
dcfba46ccd
Avoid warnings like this :
```
2020/12/28 20:37:35 [warn] 3368#3368: *1 [lua] _G write guard:12: __newindex(): writing a global Lua variable ('headers') which may lead to race conditions between concurrent requests, so prefer the use of 'local' variables#012stack traceback:#012#011/usr/local/lib/lua/crowdsec/CrowdSec.lua:85: in function 'allowIp'#012#011access_by_lua(main-lua.conf:166):105: in main chunk, client: 1.3.3.7, server: some.server.com, request: "GET /randomfile1 HTTP/2.0", host: "some.server.com"
```
|
||
|---|---|---|
| lib | ||
| .gitignore | ||
| install.sh | ||
| Makefile | ||
| README.md | ||
| template.conf | ||
| uninstall.sh | ||
lua-cs-bouncer
Lua module to allow ip (or not) from CrowdSec API.
Install & Config
git clone https://github.com/crowdsecurity/lua-cs-bouncer.git
Install script
sudo ./install.sh
⚠️ the installation script works only on Debian/Ubuntu
From source
Requirements
apt-get install lua5.3
apt-get install lua-sec
With make
sudo make install
Manually
- Create folder
/usr/local/lua/crowdsec/:
mkdir -p /usr/local/lua/crowdsec/
- Copy the
lua-cs-bouncer/lib/*.luainto/usr/local/lua/crowdsec/:
cp ./lua-cs-bouncer/lib/*.lua /usr/local/lua/crowdsec
- Copy the
lua-cs-bouncer/template.confinto/usr/local/lua/crowdsec/crowdsec.conf:
cp ./lua-cs-bouncer/template.conf /usr/local/lua/crowdsec/crowdsec.conf
Configuration
The configuration is located by default in /usr/local/lua/crowdsec/crowdsec.conf:
API_URL=http://localhost:8080 <-- the API url
API_KEY= <-- the API Key generated with `cscli bouncers add -n <bouncer_name>`
LOG_FILE=/tmp/lua_mod.log <-- path to log file
CACHE_EXPIRATION=1 <-- in seconds
CACHE_SIZE=1000 <-- cache size