ashie/nixos-vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: enable CrowdSec Local API for cscli

Browse source 
Add LAPI server configuration with credentials file path.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
ashisgreat22 2026-03-18 13:53:15 +01:00
parent e0de37b15f
commit 8a933fd9de
1 changed files with 22 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

22
modules/crowdsec.nix
View file

@ -9,11 +9,13 @@
{ {
config, config,
lib, lib,
pkgs,
... ...
}: }:
let let
cfg = config.myModules.crowdsec; cfg = config.myModules.crowdsec;
credentialsFile = "/var/lib/crowdsec/state/lapi_credentials.yaml";
in in
{ {
options.myModules.crowdsec = { options.myModules.crowdsec = {
@ -38,6 +40,15 @@ in
enable = true; enable = true;
autoUpdateService = true; autoUpdateService = true;
# Enable Local API server
settings = {
general.api.server = {
enable = true;
listen_uri = "127.0.0.1:8080";
};
lapi.credentialsFile = credentialsFile;
};
# Log acquisitions # Log acquisitions
localConfig.acquisitions = [ localConfig.acquisitions = [
# SSH logs # SSH logs
@ -95,5 +106,16 @@ in
]; ];
}; };
}; };
# Ensure credentials directory exists
systemd.tmpfiles.settings."10-crowdsec-lapi" = {
"/var/lib/crowdsec/state" = {
d = {
user = "crowdsec";
group = "crowdsec";
mode = "0750";
};
};
};
}; };
} }