support TLS auth

[toxic0berliner]

I already have a LAPI running and my firewall is blocking based on crowdsec decisions. Nonetheless I 'm interested in your setup to catch and parse the ha logs appropriately (for brute force today I understand)
But I have no API key I only use a certificate to authenticate either a bouncer or an agent to the LAPI.
Would be great for me to be able to pass a cert&key as well as the CA authority signing the cert of my LAPI to be able to use this plugin out of the box.

[se7entynine]

+1

[toxic0berliner]

Any chance this would already be possible using more arguments in the acquisition config line that gets passed to crowdsec?
Or maybe adding a "custom settings" in the config, those of us wanting to use TLS auth can clearly find a way to pass the cert and key to the plug-in container, maybe through the Ha logs directory for example.
I think the plug-in already support that it's just a matter of telling it to find the cert and key and probably signing CA and use it to contact the LAPI.
@LaurenceJJones you think it's not that simple?

[LaurenceJJones]

Any chance this would already be possible using more arguments in the acquisition config line that gets passed to crowdsec? Or maybe adding a "custom settings" in the config, those of us wanting to use TLS auth can clearly find a way to pass the cert and key to the plug-in container, maybe through the Ha logs directory for example. I think the plug-in already support that it's just a matter of telling it to find the cert and key and probably signing CA and use it to contact the LAPI. @LaurenceJJones you think it's not that simple?

I dont use HA personally just maintaining the version bumps 😅

In short we just need to mount the certificates into the plugin container scope and expose the configuration to set the keys.

Just remember you dont have to install crowdsec to be able to parse HA logs, you can simply just use the syslog integration of HA to send the logs to a remote syslog endpoint which can be your firewall if you already have crowdsec installed.