Ns8-crowdsec - limited domain levels in allow list

ns8-crowdsec v1.0.7-dev.4

It doesn’t affect me but just a small issue I noticed last weekend (unless the intention is just to allow main domains).
FQDN validation is limited to three levels.


1 Like

Interesting, made me read this Fully qualified domain name - Wikipedia

So it seems we have a FQDN in DNS and in Human readable terms?


could you test

add-module ghcr.io/nethserver/crowdsec:validatetextarea


Tested and the fix is working!

1 Like

thank, @davidep asked me to do differently, I will ping you asap if you could verify it


The module version for testing is 1.0.7-dev.5. Install it with

add-module ghcr.io/nethserver/crowdsec:1.0.7-dev.5 1

Replace the trailing 1 with the preferred node ID.

Update existing installations with

api-cli run update-module --data '{"module_url":"ghcr.io/nethserver/crowdsec:1.0.7-dev.5","instances":["crowdsec1"]}'

Replace crowdsec1 with the relevant module ID.

Frontend validation was replaced by the API validator, implemented with JSON schema.

:warning: there is an open issue with the container implementation: if restarted frequently it might hit a GeoIP DB download limit

1 Like

Tested and works.


the geo_ip downloaded is done just one time a the installation, it might happen every 15 days when we trigger a hub update

Maybe I played too much with the crowdsec installation, however it is a dev and tester issue, be aware

1 Like

:checkered_flag: Thank you all, version 1.0.7 is now publicly available!

BTW it seems there’s an ongoing upstream issue. Installation fails :stuck_out_tongue:

Running: cscli  parsers install "crowdsecurity/docker-logs" 
time="2024-04-10T14:08:28Z" level=fatal msg="error while installing 'crowdsecurity/docker-logs': while downloading crowdsecurity/docker-logs: Get \"https://hub-cdn.crowdsec.net/master/parsers/s00-raw/crowdsecurity/docker-logs.yaml\": read tcp [2a03:b0c0:3:d0::1a24:9001]:59728->[2600:9000:223c:da00:16:30f4:d640:93a1]:443: read: connection reset by peer"

connection reset by peer

In similar cases

  • remove the module
  • try to reinstall