Add CrowdSec bouncer doc

61c4150c · Yadd · b5c0ca94 · 61c4150c · 61c4150c · 61c4150c
Commit 61c4150c authored Feb 18, 2021 by Yadd
--- a/doc/sources/admin/crowdsec.rst
+++ b/doc/sources/admin/crowdsec.rst
+CrowdSec
+========
+
+Presentation
+------------
+
+`CrowdSec <https://crowdsec.net>`__ is a free and open-source security
+automation tool leveraging local IP behavior detection and a
+community-powered IP reputation system.
+
+LL::NG provides a **CrowdSec** bouncer that can reject Crowdsec banned-IP
+requests or just provide an environment variable that can be used in
+another plugin rule. For example, a second factor may be required if user's
+IP is CrowdSec bans it.
+
+Configuration
+-------------
+
+To configure bouncer plugin, go in ``General Parameters`` > ``Plugins`` >
+``CrowdSec``.
+
+You can then configure:
+
+- **Activation**: enable this plugin *(default: disabled)*
+- **Action**: reject **or** warn and set ``$env->{CROWDSEC_REJECT} = 1``
+- **Base URL of local API**: base URL of CrowdSec local API
+  *(default: http://localhost:8080)*
+- **API key**: API key, usually given by ``cscli bouncers add mylemon``
--- a/doc/sources/admin/index_plugins.rst
+++ b/doc/sources/admin/index_plugins.rst
@@ -11,6 +11,7 @@ Plugins
   checkdevops
   checkstate
   checkuser
+   crowdsec
   viewer
   contextswitching
   decryptvalue

--- a/doc/sources/admin/start.rst
+++ b/doc/sources/admin/start.rst
@@ -276,6 +276,7 @@ Name                                                                 Description
 :doc:`Check user<checkuser>`  [6]_ |new|                             Check access rights, transmitted headers and session attibutes for a specific user and URL
 :doc:`Configuration viewer<viewer>` |new|                            Edit WebSSO configuration in Read Only mode
 :doc:`Context switching<contextswitching>`  [7]_\ |new|              Switch context other users
+:doc:`CrowdSec<crowdsec>`  [16]_\ |new|                              CrowdSec bouncer
 :doc:`Custom<plugincustom>`                                          Write a custom plugin
 :doc:`Decrypt value<decryptvalue>`  [8]_\ |image35|                  Decrypt ciphered values
 :doc:`Display login history<loginhistory>`                           Display Success/Fails logins
@@ -608,6 +609,9 @@ by your language code):
 .. [15]
   :doc:`OAuth2 Handler<oauth2handler>` is available with LLNG ≥ 2.0.4

+.. [16]
+   :doc:`CrowdSec bouncer <crowdsec>` is available with LLNG ≥ 2.0.12
+
 .. |image0| image:: /icons/kthememgr.png
 .. |image1| image:: /icons/warehause.png
 .. |image3| image:: /icons/clean.png