Closed johanneskastl closed 3 weeks ago
@johanneskastl: Thanks for opening an issue, it is currently awaiting triage.
In the meantime, you can:
@johanneskastl: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
/kind feature
/kind enhancement
/kind refactoring
/kind bug
/kind packaging
/kind packaging
As of PR https://github.com/crowdsecurity/crowdsec/pull/2868 you can add a configuration option to change the location. Which is released in 1.6.2
We failed to add this to the documentation so we should do that.
Thanks for the fast reply! If I understand the PR correctly, I can use something like this in the configuration file config.yaml
?
config_paths:
config_dir: /etc/crowdsec/
data_dir: /var/lib/crowdsec/data/
[...]
pattern_dir: /usr/share/crowdsec/patterns/
I noticed the PR title has patternS_dir
with an S
, while the configuration option seems to use it without the s: pattern_dir
. I take it that the code wins and the PR title is wrong?
Thanks for the fast reply! If I understand the PR correctly, I can use something like this in the configuration file
config.yaml
?config_paths: config_dir: /etc/crowdsec/ data_dir: /var/lib/crowdsec/data/ [...] pattern_dir: /usr/share/crowdsec/patterns/
I noticed the PR title has
patternS_dir
with anS
, while the configuration option seems to use it without the s:pattern_dir
. I take it that the code wins and the PR title is wrong?
Sorry been busy, yes code is key so if you see its that then the title is incorrect. Here the updated docs page: https://github.com/crowdsecurity/crowdsec-docs/pull/575
I started packaging crowdsec for openSUSE, as I wanted to start using it on my servers.
I found the spec file in the repo, however I have a question:
To me it looks like the content of the
/etc/crowdsec/patterns/
directory is supplied by the package and will be overwritten on the next package update (i.e. not marked as%config(noreplace)
).https://github.com/crowdsecurity/crowdsec/blob/master/rpm/SPECS/crowdsec.spec#L93
With the rise of immutable distributions and thinks like read-only filesystems, packages writing to /etc/ should be avoided.
I found that I could change some locations in the configuration file, but not the patterns.
Is it possible to move the patterns to e.g.
/usr/share/crowdsec/
?Thanks in advance!
Johannes