Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

traefik-bouncer not connecting #41

Open
lewisd19 opened this issue Nov 25, 2022 · 6 comments
Open

traefik-bouncer not connecting #41

lewisd19 opened this issue Nov 25, 2022 · 6 comments

Comments

@lewisd19
Copy link

lewisd19 commented Nov 25, 2022
edited

I am having a strange issue getting the traefik-bouncer up and running. Ive followed the steps and have got it going successfully on two other hosts but for whatever reason the host im attempting to get it going on will not connect to my traefik container. Im not sure what Im missing and super confused.

cscli bouncers list:

`----------------------------------------------------------------------------------------------------------------------------------------------------------------------
Name IP Address Valid Last API pull Type Version Auth Type

blocklistMirror 172.168.90.1 ✔️ 2022-11-25T13:20:15Z crowdsec-blocklist-mirror v0.0.1-debian-pragmatic-0c8983c08afb28d82d18c4835458aaa0019- api-key
3fa4f
traefik-bouncer ✔️ 2022-11-25T13:15:28Z api-key
----------------------------------------------------------------------------------------------------------------------------------------------------------------------`

logs from traefik-bouncer in debug:

`[GIN-debug] GET /api/v1/ping --> github.com/fbonalair/traefik-crowdsec-bouncer/controler.Ping (2 handlers)
[GIN-debug] [WARNING] Running in "debug" mode. Switch to "release" mode in production.
[GIN-debug] Listening and serving HTTP on :8080
[GIN-debug] Environment variable PORT is undefined. Using port :8080 by default
[GIN-debug] GET /api/v1/metrics --> github.com/fbonalair/traefik-crowdsec-bouncer/controler.Metrics (2 handlers)
[GIN-debug] [WARNING] You trusted all proxies, this is NOT safe. We recommend you to set a value.
[GIN-debug] GET /api/v1/healthz --> github.com/fbonalair/traefik-crowdsec-bouncer/controler.Healthz (2 handlers)
[GIN-debug] GET /api/v1/forwardAuth --> github.com/fbonalair/traefik-crowdsec-bouncer/controler.ForwardAuth (2 handlers)

also was getting this error which prompted me to nuke the setup and start over:

{"level":"warn","error":"invalid character 'p' after top-level value","time":"2022-11-24T01:29:00Z","message":"An error occurred while checking IP """}

Any ideas? Thanks in advance.
@jphp3405
Copy link

jphp3405 commented Feb 17, 2023
edited

Hello,

I have the same issue.

Here is my setup:

  crowdsec:
    <<: *common-keys-core 
    image: crowdsecurity/crowdsec
    container_name: crowdsec
    ports:
      - "8080:8080"
    environment:
      COLLECTIONS: "crowdsecurity/traefik crowdsecurity/http-cve crowdsecurity/whitelist-good-actors crowdsecurity/iptables crowdsecurity/linux baudneo/gotify LePresidente/jellyfin LePresidente/jellyseerr crowdsecurity/mariadb crowdsecurity/nextcloud schiz0phr3ne/prowlarr schiz0phr3ne/radarr schiz0phr3ne/sonarr timokoessler/uptime-kuma Dominic-Wagner/vaultwarden"
      GID: "${GID-1001}"
    volumes:
      - $LOGSDIR:/logs:ro
      - /var/log:/var/log:ro
      - $APPDATADIR/crowdsec/data:/var/lib/crowdsec/data
      - $APPDATADIR/crowdsec/config:/etc/crowdsec

# CrowdSec Bouncer - Traefik
  traefik-bouncer:
    <<: *common-keys-core # See EXTENSION FIELDS at the top
    image: fbonalair/traefik-crowdsec-bouncer
    container_name: traefik-bouncer
    expose:
      - 8080
    depends_on:
      - crowdsec
    environment:
      GIN_MODE: release 
      CROWDSEC_BOUNCER_API_KEY : $CROWDSEC_BOUNCER_TRAEFIK_API_KEY 
      CROWDSEC_AGENT_HOST : crowdsec:8080

Have you resolve it ?

@yfhyou
Copy link

yfhyou commented Feb 17, 2023

https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin
Check out the traefik plugin to do the same. Maintainer updates it frequently, with many more config options.

@slimshizn
Copy link

Thanks for the input about the alternate bouncer, but that doesn't help this bouncer. I'm also having issues getting it to connect. If anyone has a solution other than another bouncer.

@ppokrovsky ppokrovsky mentioned this issue Jul 12, 2023
Open
@ppokrovsky
Copy link

Which port are you using to connect to crowdsec container?
I figured that crowdsec container for unraid opens two ports: 6060 and 8081
While trying to connect to 6060, I experienced the same issue.
Meanwhile I switched to using traefik plugin and never tried connecting bouncer to port 8081. You can try to point bouncer to port 8081 for crowdsec container, maybe that would solve the issue.

@Psycho0verload
Copy link

@lewisd19 & @jphp3405
Which host system do you use?

@thamow
Copy link

thamow commented Mar 7, 2024
edited

Still having the same issue here (with a stand-alone container as well as when using the plugin). I'm using ubuntu server 22.04.4 LTS as a VM on Promxox.
I don't think this matters here but I do have a ufw aktiv blocking most incoming connections but since this is all routed through the internal docker network the firewall should be irrelevant, right?

Edit: I conducted following tests:
ping traefik-bouncer:8080 from within the traefik container -> works just fine
ping http://traefik-bouncer:8080/api/v1/ping -> results in ping: bad address 'http://traefik-bouncer:8080/api/v1/ping'

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@ppokrovsky @yfhyou @slimshizn @lewisd19 @Psycho0verload @thamow @jphp3405