ryuupendragon/docker-compose
0
0
Fork 0
Code Issues 1 Pull Requests 22 Actions Packages Projects Releases Wiki Activity

Update ghcr.io/crowdsecurity/crowdsec Docker tag to v1.7.0 #64

Merged
Ghost merged 0 commits from refs/pull/64/head into main 2025-09-23 19:54:22 +05:30
Conversation 0 Commits - Files Changed - +39 -198
Ghost commented 2025-09-23 19:25:58 +05:30 (Migrated from repo.local.ryuu.in)
Copy Link

This PR contains the following updates:

Package Update Change
ghcr.io/crowdsecurity/crowdsec minor v1.6.11 -> v1.7.0

Release Notes

crowdsecurity/crowdsec (ghcr.io/crowdsecurity/crowdsec)

v1.7.0

Compare Source

The 1.7.0 release of crowdsec brings some major changes to how services are auto-detected during installation, and to the metrics shared by the log processors to LAPI.

The new detection system, cscli setup, is much more flexible and powerful:

  • Supports Linux, BSD and Windows (at the time, auto-detection is only performed at install time for deb and RPM packages)
  • More services are detected out of the box
  • A custom detection configuration can be provided during installation to detect custom services and generate custom acquisition configs (eg, when not using default log paths)
  • The auto-detection can be skipped if the configuration is managed with tools like Ansible

Learn more about it in our documentation.

The Log Processors now send metrics about the acquisition (number of lines read and parsed per datasource) and the parsers (number of events parsed, unparsed, or whitelisted) to LAPI.
Those metrics are shown when running cscli machines inspect XXX.
In the future, they will also be displayed in the console and used to detect potentially misconfigured or misbehaving installations.

Other notable changes include:

  • Support for swarm in the docker datasource
  • Better CRS integration in the WAF (this will continue to be improved over time)
  • New expr helpers to compute the average and median time between events

[!WARNING]
Starting with this release, when crowdsec is run in a docker (or podman) container, a volume must be provided /var/lib/crowdsec/data/, otherwise the container will refuse to start.
This requirement does not apply to Kubernetes.

[!NOTE]
As previously documented here, the cscli dashboard command has been removed.
If you are still using the metabase dashboard, we recommend you migrate to https://app.crowdsec.net

Changes
New Features
Improvements
Bug Fixes
Chore / Deps
Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [ghcr.io/crowdsecurity/crowdsec](https://github.com/crowdsecurity/crowdsec) | minor | `v1.6.11` -> `v1.7.0` | --- ### Release Notes <details> <summary>crowdsecurity/crowdsec (ghcr.io/crowdsecurity/crowdsec)</summary> ### [`v1.7.0`](https://github.com/crowdsecurity/crowdsec/releases/tag/v1.7.0) [Compare Source](https://github.com/crowdsecurity/crowdsec/compare/v1.6.11...v1.7.0) The 1.7.0 release of crowdsec brings some major changes to how services are auto-detected during installation, and to the metrics shared by the log processors to LAPI. The new detection system, `cscli setup`, is much more flexible and powerful: - Supports Linux, BSD and Windows (at the time, auto-detection is only performed at install time for deb and RPM packages) - More services are detected out of the box - A custom detection configuration can be provided during installation to detect custom services and generate custom acquisition configs (eg, when not using default log paths) - The auto-detection can be skipped if the configuration is managed with tools like Ansible Learn more about it in [our documentation](https://docs.crowdsec.net/docs/log_processor/service-discovery-setup/intro). The Log Processors now send metrics about the acquisition (number of lines read and parsed per datasource) and the parsers (number of events parsed, unparsed, or whitelisted) to LAPI. Those metrics are shown when running `cscli machines inspect XXX`. In the future, they will also be displayed in the console and used to detect potentially misconfigured or misbehaving installations. Other notable changes include: - Support for swarm in the docker datasource - Better CRS integration in the WAF (this will continue to be improved over time) - New expr helpers to compute the average and median time between events > \[!WARNING] > Starting with this release, when crowdsec is run in a docker (or podman) container, a volume *must* be provided `/var/lib/crowdsec/data/`, otherwise the container will refuse to start. > This requirement does not apply to Kubernetes. > \[!NOTE] > As previously documented [here](https://docs.crowdsec.net/blog/cscli_dashboard_deprecation/), the `cscli dashboard` command has been removed. > If you are still using the metabase dashboard, we recommend you migrate to <https://app.crowdsec.net> ##### Changes - use go 1.24.6 ([#&#8203;3835](https://github.com/crowdsecurity/crowdsec/issues/3835)) [@&#8203;mmetc](https://github.com/mmetc) - CI: update actions; drop version comments ([#&#8203;3823](https://github.com/crowdsecurity/crowdsec/issues/3823)) [@&#8203;mmetc](https://github.com/mmetc) - install scripts: echo -e -> echo (we're not requiring bash anymore) ([#&#8203;3799](https://github.com/crowdsecurity/crowdsec/issues/3799)) [@&#8203;mmetc](https://github.com/mmetc) - move detect.yaml to /var/lib/crowdsec/data ([#&#8203;3797](https://github.com/crowdsecurity/crowdsec/issues/3797)) [@&#8203;mmetc](https://github.com/mmetc) - restore wizard.sh --unattended ([#&#8203;3790](https://github.com/crowdsecurity/crowdsec/issues/3790)) [@&#8203;mmetc](https://github.com/mmetc) - cleanup wizard.sh ([#&#8203;3786](https://github.com/crowdsecurity/crowdsec/issues/3786)) [@&#8203;mmetc](https://github.com/mmetc) - remove the cscli\_setup feature flag ([#&#8203;3784](https://github.com/crowdsecurity/crowdsec/issues/3784)) [@&#8203;mmetc](https://github.com/mmetc) - add detect.yaml in rpm files section ([#&#8203;3773](https://github.com/crowdsecurity/crowdsec/issues/3773)) [@&#8203;sabban](https://github.com/sabban) - refact whitelist/allowlist: net.IP to net/netip ([#&#8203;3683](https://github.com/crowdsecurity/crowdsec/issues/3683)) [@&#8203;mmetc](https://github.com/mmetc) - refact: pkg/database decisions filter, queries ([#&#8203;3635](https://github.com/crowdsecurity/crowdsec/issues/3635)) [@&#8203;mmetc](https://github.com/mmetc) ##### New Features - cscli: remove "dashboard" command ([#&#8203;3004](https://github.com/crowdsecurity/crowdsec/issues/3004)) [@&#8203;mmetc](https://github.com/mmetc) - clean up buckets serialization code ([#&#8203;3777](https://github.com/crowdsecurity/crowdsec/issues/3777)) [@&#8203;sabban](https://github.com/sabban) - cscli setup: new service detection and configuration ([#&#8203;3730](https://github.com/crowdsecurity/crowdsec/issues/3730)) [@&#8203;mmetc](https://github.com/mmetc) - feat: add swarm support to docker acquistion ([#&#8203;3744](https://github.com/crowdsecurity/crowdsec/issues/3744)) [@&#8203;LaurenceJJones](https://github.com/LaurenceJJones) ##### Improvements - WAF: Improve user-experience with CRS and modsecurity rules ([#&#8203;3827](https://github.com/crowdsecurity/crowdsec/issues/3827)) [@&#8203;blotus](https://github.com/blotus) - cscli setup: allow skipping service detection with $CROWDSEC\_SETUP\_UN… ([#&#8203;3822](https://github.com/crowdsecurity/crowdsec/issues/3822)) [@&#8203;mmetc](https://github.com/mmetc) - cscli setup: improve service detection and datasource validation ([#&#8203;3812](https://github.com/crowdsecurity/crowdsec/issues/3812)) [@&#8203;mmetc](https://github.com/mmetc) - cscli setup: skip missing items, fix collection name ([#&#8203;3794](https://github.com/crowdsecurity/crowdsec/issues/3794)) [@&#8203;mmetc](https://github.com/mmetc) - Improve the output of appsec `cscli hubtest` ([#&#8203;3791](https://github.com/crowdsecurity/crowdsec/issues/3791)) [@&#8203;buixor](https://github.com/buixor) - cscli setup improvements ([#&#8203;3789](https://github.com/crowdsecurity/crowdsec/issues/3789)) [@&#8203;mmetc](https://github.com/mmetc) - cscli: print command name along with errors ([#&#8203;3768](https://github.com/crowdsecurity/crowdsec/issues/3768)) [@&#8203;mmetc](https://github.com/mmetc) - enhance: Add 2 time helpers for average and median ([#&#8203;3748](https://github.com/crowdsecurity/crowdsec/issues/3748)) [@&#8203;LaurenceJJones](https://github.com/LaurenceJJones) - usage metrics: report acquisition + parsers metrics to LAPI ([#&#8203;3709](https://github.com/crowdsecurity/crowdsec/issues/3709)) [@&#8203;blotus](https://github.com/blotus) - improve datasource validation (goccy/go-yaml) ([#&#8203;3646](https://github.com/crowdsecurity/crowdsec/issues/3646)) [@&#8203;mmetc](https://github.com/mmetc) ##### Bug Fixes - fix "cscli alerts list -s <scenario>" for alerts with no decisions ([#&#8203;3830](https://github.com/crowdsecurity/crowdsec/issues/3830)) [@&#8203;mmetc](https://github.com/mmetc) - unify the output format of start\_at and stop\_at ([#&#8203;3819](https://github.com/crowdsecurity/crowdsec/issues/3819)) [@&#8203;buixor](https://github.com/buixor) - pkg/cwhub: fix relative symlink resolution ([#&#8203;3824](https://github.com/crowdsecurity/crowdsec/issues/3824)) [@&#8203;mmetc](https://github.com/mmetc) - fix: Postint check also if api.server.enable is false ([#&#8203;3802](https://github.com/crowdsecurity/crowdsec/issues/3802)) [@&#8203;LaurenceJJones](https://github.com/LaurenceJJones) - detect.yaml: always acquire ssh logs from file if present ([#&#8203;3825](https://github.com/crowdsecurity/crowdsec/issues/3825)) [@&#8203;mmetc](https://github.com/mmetc) - detect.yaml: avoid double acquisition on deb ([#&#8203;3821](https://github.com/crowdsecurity/crowdsec/issues/3821)) [@&#8203;mmetc](https://github.com/mmetc) - review config/detect.yaml ([#&#8203;3820](https://github.com/crowdsecurity/crowdsec/issues/3820)) [@&#8203;mmetc](https://github.com/mmetc) - fix rpm detect.yaml ([#&#8203;3814](https://github.com/crowdsecurity/crowdsec/issues/3814)) [@&#8203;sabban](https://github.com/sabban) - CI: remove config/detect.yaml reference from rpm ([#&#8203;3813](https://github.com/crowdsecurity/crowdsec/issues/3813)) [@&#8203;mmetc](https://github.com/mmetc) - fix rpm dovecot detection ([#&#8203;3796](https://github.com/crowdsecurity/crowdsec/issues/3796)) [@&#8203;sabban](https://github.com/sabban) - Increase hub download timeout to 10 minutes ([#&#8203;3785](https://github.com/crowdsecurity/crowdsec/issues/3785)) [@&#8203;mmetc](https://github.com/mmetc) - docker: enforce volume use for /var/lib/crowdsec/data/ ([#&#8203;3757](https://github.com/crowdsecurity/crowdsec/issues/3757)) [@&#8203;blotus](https://github.com/blotus) - setup: add detect.yaml to windows install ([#&#8203;3775](https://github.com/crowdsecurity/crowdsec/issues/3775)) [@&#8203;blotus](https://github.com/blotus) - fix timemachine lock ([#&#8203;3767](https://github.com/crowdsecurity/crowdsec/issues/3767)) [@&#8203;sabban](https://github.com/sabban) - appsec: properly set URI in the original request object for use in hooks ([#&#8203;3755](https://github.com/crowdsecurity/crowdsec/issues/3755)) [@&#8203;blotus](https://github.com/blotus) ##### Chore / Deps - build(deps): bump codecov/codecov-action from 5.4.3 to 5.5.0 ([#&#8203;3816](https://github.com/crowdsecurity/crowdsec/issues/3816)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.7 to 3.29.11 ([#&#8203;3818](https://github.com/crowdsecurity/crowdsec/issues/3818)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/crowdsecurity/machineid from 1.0.2 to 1.0.3 ([#&#8203;3769](https://github.com/crowdsecurity/crowdsec/issues/3769)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump docker/login-action from 3.4.0 to 3.5.0 ([#&#8203;3783](https://github.com/crowdsecurity/crowdsec/issues/3783)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - update dependencies, use go 1.24.5 ([#&#8203;3774](https://github.com/crowdsecurity/crowdsec/issues/3774)) [@&#8203;mmetc](https://github.com/mmetc) - build(deps): bump github.com/go-sql-driver/mysql from 1.6.0 to 1.9.3 ([#&#8203;3761](https://github.com/crowdsecurity/crowdsec/issues/3761)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/go-openapi/swag from 0.23.0 to 0.23.1 ([#&#8203;3763](https://github.com/crowdsecurity/crowdsec/issues/3763)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/hashicorp/go-version from 1.2.1 to 1.7.0 ([#&#8203;3764](https://github.com/crowdsecurity/crowdsec/issues/3764)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.4 to 3.29.5 ([#&#8203;3765](https://github.com/crowdsecurity/crowdsec/issues/3765)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/alexliesenfeld/health from 0.8.0 to 0.8.1 ([#&#8203;3760](https://github.com/crowdsecurity/crowdsec/issues/3760)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/r3labs/diff/v2 from 2.14.1 to 2.15.1 ([#&#8203;3721](https://github.com/crowdsecurity/crowdsec/issues/3721)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump google.golang.org/grpc from 1.67.1 to 1.74.2 ([#&#8203;3750](https://github.com/crowdsecurity/crowdsec/issues/3750)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/go-openapi/validate from 0.20.0 to 0.24.0 ([#&#8203;3719](https://github.com/crowdsecurity/crowdsec/issues/3719)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github.com/sanity-io/litter from 1.5.5 to 1.5.8 ([#&#8203;3720](https://github.com/crowdsecurity/crowdsec/issues/3720)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump golang.org/x/net from 0.41.0 to 0.42.0 ([#&#8203;3749](https://github.com/crowdsecurity/crowdsec/issues/3749)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump astral-sh/setup-uv from 6.4.1 to 6.4.3 ([#&#8203;3753](https://github.com/crowdsecurity/crowdsec/issues/3753)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump github/codeql-action from 3.29.2 to 3.29.4 ([#&#8203;3751](https://github.com/crowdsecurity/crowdsec/issues/3751)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) - build(deps): bump golang.org/x/mod from 0.25.0 to 0.26.0 ([#&#8203;3746](https://github.com/crowdsecurity/crowdsec/issues/3746)) @&#8203;[dependabot\[bot\]](https://github.com/apps/dependabot) ##### Geolite2 notice This product includes GeoLite2 data created by MaxMind, available from <a href="https://www.maxmind.com"><https://www.maxmind.com></a>. ##### Installation Take a look at the [installation instructions](https://doc.crowdsec.net/docs/getting_started/install_crowdsec). </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMjUuMyIsInVwZGF0ZWRJblZlciI6IjQxLjEyNS4zIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJyZW5vdmF0ZSJdfQ==-->
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
renovate-bot ryuupendragon
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: ryuupendragon/docker-compose#64
Delete Branch "refs/pull/64/head"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?