DietPi-Software | CrowdSec #5033
Replies: 8 comments 3 replies
-
Many thanks for your suggestion. So in a way it combines an online database for IPs which try to e.g. brute-force a service (like StopForumSpam for spammers) with a firewall like Fail2Ban, right? Sounds like a reasonable approach, so I can contribute e.g. with logs about bots who try to access common Wordpress or other login/RPC interfaces to a database so that others can block requests from those bots in the first place.
Basically FeatHub is dead. Their HTTPS certificate expired a while ago. While one can ignore it with browsers, it breaks authentication against GitHub. We're not yet sure how to proceed with requests voting, probably going with "thumbs up" here on the GitHub issues is the easiest solution, so to not rely on any 3rd party provider. Hence, if anyone else wants to have this, please vote for it here by giving the OP a thumbs up. |
Beta Was this translation helpful? Give feedback.
-
Hey and thanks What you're describing is definately a part of what we're trying to achieve. It's turning into a db of ips performing all sorts of attacks as well as a companion toolbox to mitigate all sorts of attacks. Would you be interested in CrowdSec 'sponsoring' a port and maintainance of it? Would that be possible to speed up the process? Another thing to consider could be that we (or actually anyone else) could update our documentation so that installing on DietPi would be in the official documentation being by far the easiest way to get CrowdSec on any of the devices supported by DietPi. I am sure it would generate attention towards DietPi as the general usage of CrowdSec just keep on rises. Hopefully it could affect DietPi as well. Thanks for the update on Feathub. That's a bummer. |
Beta Was this translation helpful? Give feedback.
-
Actually it is pretty easy to install since Debian (and Raspbian) ships packages since Bullseye: https://packages.debian.org/bullseye/crowdsec Those are not up-to-date, so I prefer to go with CrowdSec's own APT repository: https://packagecloud.io/install/repositories/crowdsec/crowdsec/config_file.list?os=debian&dist=bullseye&source=script Tested and realised that the official repo is x86_64/arm64 only, so on ARMs (matching what you already said) we'd need to go with Debian's older packages or ship own ones. But wow, you even provide a Bookworm suite already 👍. What I struggled to find is actual build instructions. All links about "build it from source" point to install instructions based on pre-compiled (x86_64) binaries/packages but not to actual source build instructions 😄:
Finally I found it here: https://doc.crowdsec.net/docs/getting_started/install_crowdsec#running-crowdsec-on-raspberry-pi-osraspbian Next is then to see whether there are further setup steps, e.g. integration with other software titles, we may want to apply on DietPi. With Fail2Ban we currently only enable it OOTB for OpenSSH resp. Dropbear, but generally enabling it for other installed software titles with web interface and/or API would be quite nice. I'll also have a look what it does OOTB. EDIT: Correction, the official APT repo ships ARMv8/arm64 packages as well:
|
Beta Was this translation helpful? Give feedback.
-
Hi again The crowdsec package in bullseye is just the agent (which doesn't block anything). Also it's rather old and probably won't work with many bouncers anyway. Bouncers block traffic so without them it's not really much fun. So I wouldn't recommend anyone not using CrowdSec's own builds :) Thanks for your building comments. If you run in to issues let me know and I can set you up with a developer who can help you out. Thanks for looking into it. Highly appreciated :-) |
Beta Was this translation helpful? Give feedback.
-
Ah okay, good to know. Probably we can provide an armv6hf package which matches the one provided at |
Beta Was this translation helpful? Give feedback.
-
Sounds great! Let me know if there's anything I can do to help. |
Beta Was this translation helpful? Give feedback.
-
I don't want to sound like an impatient ass here but do you have any idea about the time horizon for this? Also, can we contribute part of a developer for this? Would that make sense? |
Beta Was this translation helpful? Give feedback.
-
Let me move this to discussions, which we use now as new voting system, since FeatHub is broken. |
Beta Was this translation helpful? Give feedback.
-
Creating a software request
Formal software information
Are there similar/alternative software titles available with DietPi-Software?
What makes your requested software better than the above solutions, if available?
(Disclaimer: I am head of community at CrowdSec and an avid user myself. I wouldn't work there if I didn't think the software was great. Just as I think DietPi is damn cool btw)
How can DietPi make the installation easier or compatible, than following the install instructions or do APT installation, if available?
Can you provide the installation steps that you would suggest DietPi-Software to do?
Are you willing to help maintaining the software installation, e.g. in case of needed setup changes due to updates etc.? This is not needed, but could speed up our decision to implement it, as man power is always a topic 😉.
I am not a developer, so sadly no. But I would not rule out that we would pay someone to do the initial work and maintaining. For instance via financially supporting DietPi. Shoot me a mail at [email protected] so we can discuss the possibilities.
Vote for this software with the up button below this post!
Beta Was this translation helpful? Give feedback.
All reactions