LaurenceJJones

# security headers
add_header X-XSS-Protection          "0;" always;
add_header X-Content-Type-Options    "nosniff" always;
add_header Referrer-Policy           "no-referrer-when-downgrade" always;
add_header Content-Security-Policy   "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline' 'unsafe-eval'; frame-ancestors 'self';" always;
add_header Permissions-Policy        "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

# . files
location ~ /\.(?!well-known) {

LaurenceJJones

#!/bin/bash

RE2_VERSION=${RE2_VERSION:-2025-08-12}

## Utilities ##
download() {
    if [ -z "$1" ]; then
        echo "download() requires a URL as first argument"
        exit 1
    fi

LaurenceJJones

#!/bin/bash

TMP_DIR=$(mktemp -d)

dump_tree() {
    cscli "$1" list --output raw | cut -d, -f1 | grep -v ^name$ > "$TMP_DIR/$1.txt"
}

check_root() {
    if [[ $EUID -ne 0 ]]; then

LaurenceJJones

#!/bin/bash

### Prequesites
## jq curl
###

### Variables
LAPI="http://127.0.0.1:8080"
ORIGINS="crowdsec,cscli" ## Comma separated list of ORIGINS ## Dont include CAPI as capi will flush every 2 hours and will make your lights go wild
API_KEY=""

LaurenceJJones

#!/bin/bash
VERSION=${VERSION:-1.24.2}
# Detect OS platform amd64
OS=$(uname -s | tr '[:upper:]' '[:lower:]')
ARCH=$(uname -m | tr '[:upper:]' '[:lower:]')
if [ "$ARCH" = "x86_64" ]; then
    ARCH="amd64"
fi
# Detect OS platform arm64
if [ "$ARCH" = "aarch64" ]; then

LaurenceJJones

#!/bin/bash
##########
## Maintained by Laurence from CrowdSec 
## Discord: https://discord.gg/crowdsec
## Website: https://www.crowdsec.net/
## Docs: https://docs.crowdsec.net/
##########

# Linode users can use the UI to change these variables
# Digital ocean users uncomment and change these variables

LaurenceJJones

type: leaky
format: 2.0
#debug: true
name: example/chrome-under-100
description: "Detect bad user-agents of chrome under version 100"
filter: 'evt.Meta.log_type in ["http_access-log", "http_error-log"] && evt.Parsed.http_user_agent matches "Chrome\\/[0-9][0-9]?\\."'
capacity: 1
leakspeed: 1m
groupby: "evt.Meta.source_ip"
blackhole: 2m

LaurenceJJones

Dominic-Wagner/vaultwarden `
LePresidente/adguardhome `
LePresidente/authelia `
LePresidente/emby `
LePresidente/gitea `
LePresidente/jellyfin `
LePresidente/jellyseerr `
LePresidente/ombi `
LePresidente/redmine `
a1ad/meshcentral `

LaurenceJJones

CROWDSEC_GITHUB_RELEASE="github.com/crowdsecurity/crowdsec/releases/download"
CROWDSEC_VERSION="1.4.6"
CROWDSEC_FILE="crowdsec-release-static.tgz"
OLD_DIR=$(pwd)
TMP_DIR=$(mktemp -d)

download() {
    if command -v curl >/dev/null; then
        cd "$2" || (echo "Could not cd to $2" && exit 1)
        # older versions of curl don't support --output-dir

LaurenceJJones

filter: "evt.Line.Labels.type == 'containerd' && evt.Line.Labels.program == 'syslog'"
name: crowdsecurity/cri-syslogs
description: CRI logging format parser for syslogs
#debug: true
pattern_syntax:
  RAW_SYSLOG_PREFIX: '^<%{NUMBER:stuff1}>%{NUMBER:stuff2} %{SYSLOGBASE2} %{DATA:program} %{NUMBER:pid}'
  RAW_SYSLOG_META: '\[meta sequenceId="%{NOTDQUOTE:seq_id}"\]'
nodes:
  - grok:
      pattern: "^%{TIMESTAMP_ISO8601:cri_timestamp} %{WORD:stream} %{WORD:logtag} %{GREEDYDATA:message}"