maxlerebourg
commented
6 months ago Hey rwjack,
For CaptchaSecretKey and captchaSiteKey, file reader is already implemented, so you can already use this kind of setup with CaptchaSecretKeyFile and captchaSiteKeyFile (the readme mention it).
For the captcha.html and ban.html, download our templates available on this repo and link them to your traefik instance (via volume binding for docker).
You can customize them too, the only requirement for captcha to work is to keep these line of code in the new template:
<head>
...
<script src="{{ .FrontendJS }}" async defer></script>
...
</head>
<body>
...
<div id="captcha" class="{{ .FrontendKey }}" data-sitekey="{{ .SiteKey }}" data-callback="captchaCallback">
...
<script>
function captchaCallback() {
setTimeout(() => document.querySelector('#captcha-form').submit(), 500);
}
</script>
</body>
rwjack
Hey, this is an amazing update, having a captcha really helps when users get 403's on accident and then they can't do anything about it unless I remove the crowdsec decision manually.
Although I don't seem to fully understand the concept of
captcha.htmlandban.html.Where am I supposed to place those? For example:
/etc/traefik/captcha/? If that's the case, should I then configure the following:Also, would there be a possibility of reading
captchaSecretKeyfrom a file? So basicallycaptchaSecretKeyFile?Same what you did with
crowdsecLapiKeyFile. It seems easier to store secrets in external files and deploy those alongside the config, rather than modifying the config itself during deployment.