From c66aa6017479b31cad6f27e9a07b2eae41a8d7b9 Mon Sep 17 00:00:00 2001 From: Laurence Date: Mon, 23 Sep 2024 11:38:52 +0100 Subject: [PATCH 1/2] enhance: Update to latest crowdsec and firewall remediation --- crowdsec-firewall-bouncer/Dockerfile | 2 +- crowdsec-firewall-bouncer/config.yaml | 2 +- crowdsec/Dockerfile | 22 +++++++++++----------- crowdsec/config.yaml | 2 +- 4 files changed, 14 insertions(+), 14 deletions(-) diff --git a/crowdsec-firewall-bouncer/Dockerfile b/crowdsec-firewall-bouncer/Dockerfile index 5174a02..ca06955 100644 --- a/crowdsec-firewall-bouncer/Dockerfile +++ b/crowdsec-firewall-bouncer/Dockerfile @@ -2,7 +2,7 @@ ARG BUILD_FROM FROM $BUILD_FROM ARG BUILD_ARCH -ARG BIN_VERSION=v0.0.28 +ARG BIN_VERSION=v0.0.30 RUN apt-get update && \ apt-get upgrade -y && \ diff --git a/crowdsec-firewall-bouncer/config.yaml b/crowdsec-firewall-bouncer/config.yaml index d9cf6f7..cf62bbe 100644 --- a/crowdsec-firewall-bouncer/config.yaml +++ b/crowdsec-firewall-bouncer/config.yaml @@ -1,7 +1,7 @@ name: "Crowdsec Firewall Bouncer" description: "Crowdsec bouncer written in golang for firewalls" url: "https://github.com/crowdsecurity/home-assistant-addons/tree/main/crowdsec-firewall-bouncer/DOCS.md" -version: "v0.0.28" +version: "v0.0.30" slug: crowdsec-firewall-bouncer init: false host_network: true diff --git a/crowdsec/Dockerfile b/crowdsec/Dockerfile index 0c8b79a..c7440a9 100644 --- a/crowdsec/Dockerfile +++ b/crowdsec/Dockerfile @@ -46,21 +46,21 @@ RUN echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/ #Add alias until env variables will be supported by crowdsec. RUN echo 'alias cscli="cscli -c /config/.storage/crowdsec/config/config.yaml"' > /root/.bashrc -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec /etc/crowdsec -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/var/lib/crowdsec /var/lib/crowdsec -COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/bin/crowdsec /usr/local/bin/crowdsec -COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/bin/cscli /usr/local/bin/cscli -COPY --from=crowdsecurity/crowdsec:v1.6.2 /docker_start.sh /docker_start.sh -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/config.yaml /etc/crowdsec/config.yaml +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec /etc/crowdsec +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/var/lib/crowdsec /var/lib/crowdsec +COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/bin/crowdsec /usr/local/bin/crowdsec +COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/bin/cscli /usr/local/bin/cscli +COPY --from=crowdsecurity/crowdsec:v1.6.3 /docker_start.sh /docker_start.sh +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/config.yaml /etc/crowdsec/config.yaml #Due to the wizard using cp -n, we have to copy the config files directly from the source as -n does not exist in busybox cp #The files are here for reference, as users will need to mount a new version to be actually able to use notifications -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/email.yaml /etc/crowdsec/notifications/email.yaml -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/http.yaml /etc/crowdsec/notifications/http.yaml -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/slack.yaml /etc/crowdsec/notifications/slack.yaml -COPY --from=crowdsecurity/crowdsec:v1.6.2 /staging/etc/crowdsec/notifications/splunk.yaml /etc/crowdsec/notifications/splunk.yaml +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/email.yaml /etc/crowdsec/notifications/email.yaml +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/http.yaml /etc/crowdsec/notifications/http.yaml +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/slack.yaml /etc/crowdsec/notifications/slack.yaml +COPY --from=crowdsecurity/crowdsec:v1.6.3 /staging/etc/crowdsec/notifications/splunk.yaml /etc/crowdsec/notifications/splunk.yaml # workaround to avoid having build issue ("failed to create image: failed to get layer") RUN true -COPY --from=crowdsecurity/crowdsec:v1.6.2 /usr/local/lib/crowdsec/plugins /usr/local/lib/crowdsec/plugins +COPY --from=crowdsecurity/crowdsec:v1.6.3 /usr/local/lib/crowdsec/plugins /usr/local/lib/crowdsec/plugins # Copy root filesystem COPY rootfs / diff --git a/crowdsec/config.yaml b/crowdsec/config.yaml index 3ee79de..de5a449 100644 --- a/crowdsec/config.yaml +++ b/crowdsec/config.yaml @@ -1,7 +1,7 @@ name: "Crowdsec" description: "CrowdSec - the open-source and participative IPS" url: "https://github.com/crowdsecurity/home-assistant-addons/blob/main/crowdsec/DOCS.md" -version: "1.6.2" +version: "1.6.3" slug: "crowdsec" init: false ingress: true From 937515e82956028f6f55d8b129463f83807d7e88 Mon Sep 17 00:00:00 2001 From: Laurence Date: Mon, 23 Sep 2024 11:52:06 +0100 Subject: [PATCH 2/2] enhance: update changelog.md --- crowdsec/CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/crowdsec/CHANGELOG.md b/crowdsec/CHANGELOG.md index 7b123a2..5fb68eb 100644 --- a/crowdsec/CHANGELOG.md +++ b/crowdsec/CHANGELOG.md @@ -1,5 +1,9 @@ # Changelog +## 1.6.3 + +- Bump crowdsec version to 1.6.3 + ## 1.6.2 - Bump crowdsec version to 1.6.2