search

crowdsecurity / crowdsec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
https://crowdsec.net
MIT License
8.11k stars 419 forks source link

Allow environment variables in parser and postoverflow config #3011

Open ToshY opened 1 month ago

ToshY commented 1 month ago

What would you like to be added?

/kind enhancement

Why is this needed?

I've already mentioned this in a Discord thread, and after some reconsidering, I thought I would still like to have an enhancement where environment variables could be used in other config files as well.

Currently, the section regarding Notification plugins show that you can use environment variables in the config files (https://docs.crowdsec.net/docs/notification_plugins/intro#environment-variables).

It would be nice to have this for other configs as well, like for parsers/postoverflows. An example would be using a parser to whilelist certain user IPs.

/etc/crowdsec/parsers/s02-enrich/user-whitelist.yaml

name: crowdsecurity/user-whitelist
description: "Whitelist events from my ipv4 addresses"
filter: "1 == 1"
whitelist:
  reason: "My ipv4 ranges"
  ip: [${USER_IPV4_WHITELIST}]
  cidr:
    - "10.0.0.0/8"
    - "172.16.0.0/12"
    - "192.168.0.0/16"

And where ${USER_IPV4_WHITELIST} contains the following:

.env

USER_IPV4_WHITELIST="'12.34.56.78','10.11.12.13'"
github-actions[bot] commented 1 month ago

@ToshY: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.
github-actions[bot] commented 1 month ago

@ToshY: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

Details I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.