crowdsec-bouncer-traefik-plugin
crowdsec-bouncer-traefik-plugin copied to clipboard
maxlerebourg
[BUG] invalid middleware
Describe the bug 🐛 Looking within the CrowdSec Console, traefik-bouncer is unknown version and there is no metrics. Going into crowdsec container and checking the metrics of the bouncer I get this:
cscli bouncers inspect traefik-bouncer
───────────────────────────────────────────────────────
Bouncer: traefik-bouncer
───────────────────────────────────────────────────────
Created At 2025-02-18 03:00:04.951715543 +0000 UTC
Last Update 2025-02-18 03:00:04.951715699 +0000 UTC
Revoked? false
IP Address
Type
Version
Last Pull
Auth type api-key
OS ?
Auto Created false
I am able to use traefik as normal
Expected behavior 👀 I would hope that I would be able to see metrics and know if this bouncer is doing anything?
Context 🔎 plugin config:
crowdsec:
plugin:
bouncer:
enabled: true
logLevel: debug
crowdsecLapiKey: <KEY>
crowdsecLapiHost: crowdsec:8888
crowdsecAppsecEnabled: true
crowdsecAppsecHost: crowdsec:7422
forwardedHeadersTrustedIPs:
- 173.245.48.0/20
- 103.21.244.0/22
- 103.22.200.0/22
- 103.31.4.0/22
- 141.101.64.0/18
- 108.162.192.0/18
- 190.93.240.0/20
- 188.114.96.0/20
- 197.234.240.0/22
- 198.41.128.0/17
- 162.158.0.0/15
- 104.16.0.0/13
- 104.24.0.0/14
- 172.64.0.0/13
- 131.0.72.0/22
clientTrustedIPs:
- 192.168.1.0/24
Version (please complete the following information):
- OS: Ubunto
- Traefik version: 3.0.4
- Plugin version: 1.4.2
Actually, scratch that about traefik working normally. While testing I had commented out the crowdsec middleware from the chain file. readding it causes a 404.
In my Log i am getting:
2025-02-18T16:36:20+11:00 ERR github.com/traefik/traefik/v3/pkg/server/router/router.go:136 > error="invalid middleware \"crowdsec@file\" configuration: invalid middleware type or middleware does not exist"
ANNND Further into the log:
2025-02-18T16:42:20+11:00 ERR github.com/traefik/traefik/v3/cmd/traefik/traefik.go:230 > Plugins are disabled because an error
has occurred. error="unable to set up plugins environment: unable to download plugin github.com/maxlerebourg/crowdsec-
bouncer-traefik-plugin: failed to call service: Get \"https://plugins.traefik.io/public/download/github.com/maxlerebourg/crowdsec-
bouncer-traefik-plugin/v1.4.2\": GET https://plugins.traefik.io/public/download/github.com/maxlerebourg/crowdsec-bouncer-
traefik-plugin/v1.4.2 giving up after 4 attempt(s)"
So I changed the version to v1.4.1 and now the error is:
2025-02-18T16:49:17+11:00 ERR github.com/traefik/traefik/v3/pkg/server/router/router.go:136 > error="plugin: unknown plugin
type: bouncer" entryPointName=websecure routerName=traefik-rtr@docker
Alright, I seemed to have solved this myself. I needed to name
middlewares:
crowdsec:
plugin:
bouncers: <---- to ----> crowdsec-bouncer-traefik-plugin:
I suppose my only remaining question, is how do I view metrics for this bouncer?
@fregapple the plugin seems to be currently not reporting any metrics to the LAPI, see https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/issues/171
Due to Max's comment, I assume there is no intended functionality for it. Have you tried what he suggested? Is it worth playing around with that?
@fregapple this should be easy to implement, I wanted to take a shot at it but found that the CLAPI documentation for the metrics endpoint is scarce and I am not sure on what is the correct way of feeding the metrcis through the metrcis endpoint.
Hi @fregapple,
Responding with some delay. I'm aware we don't have much metrics linked to the plugin and we are following issue #171 and newly created MR by @david-garcia-garcia.
I just wanted to say that you should get more info that what you had from the command inspect.
I run the docker compose from the repository (with crowdsec latest) and got this:
user@user-pc:~/$ docker exec crowdsec cscli bouncers inspect TRAEFIK
level=warning msg="can't load CAPI credentials from '/etc/crowdsec//online_api_credentials.yaml' (missing login field)"
-------------------------------------------------------
Bouncer: TRAEFIK
-------------------------------------------------------
Created At 2025-03-31 17:57:20.83120561 +0000 UTC
Last Update 2025-03-31 18:03:16.115739732 +0000 UTC
Revoked? false
IP Address 172.18.0.5
Type Go-http-client
Version 1.1
Last Pull 2025-03-31 18:03:16.115736729 +0000 UTC
Auth type api-key
OS ?
Auto Created false
------------------------------------------------------
I do have IP, Type and version filled after the plugin contacted the LAPI.
Is everything working ok for you except for the metrics ?
If yes, I'd like to close this issue and we'll link and continue in #171
Should we also rename it here @fregapple
- "--experimental.plugins.crowdsec-bouncer-traefik-plugin.moduleName=github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin"
- "--experimental.plugins.crowdsec-bouncer-traefik-plugin.version=v1.4.2"
Also, my version is shown as Version 1.X.X .
