CrowdSec是一个开源安全平台，旨在防止黑客和机器人通过IP地址进行网络攻击，这个入侵防御系统受Fail2Ban的启发，用Go语言编写的。本文将介绍下如何在Debian 11服务器上安装配置Cro

文章介绍了在Debian 11服务器上安装配置CrowdSec开源安全平台的方法。

CrowdSec是一个开源安全平台，旨在防止黑客和机器人通过IP地址进行网络攻击，这个入侵防御系统受Fail2Ban的启发，用Go语言编写的，本文将介绍下如何在Debian 11服务器上安装配置CrowdSec。

安装依赖

我们需要在Debian 11服务器上安装一些必要的依赖，打开终端，输入以下命令：

sudo apt update
sudo apt install -y golang-go git

下载CrowdSec

接下来，我们从GitHub上克隆CrowdSec的源代码：

git clone https://github.com/crowdsec/crowdsec.git
cd crowdsec

编译CrowdSec

现在，我们可以使用Go编译器编译CrowdSec，确保已经安装了Go编译器：

go version

如果没有安装Go编译器，可以使用以下命令安装：

sudo apt install -y golang-go

进入CrowdSec目录，运行以下命令编译CrowdSec：

make build-linux-amd64

编译完成后，会在dist目录下生成一个名为crowdsec的可执行文件。

配置CrowdSec

接下来，我们需要配置CrowdSec，创建一个名为config.yaml的配置文件：

touch config.yaml

使用文本编辑器打开config.yaml文件，并添加以下内容：

local_api: true
log_level: info
observability: false
webhooks: false
outputs: file,stdout,elasticsearch,prometheus,slack,telegram,matrix,mattermost,influxdb,discord,irc,gnats,hipchat,splunk,enpoint,zendesk,pagerduty,serverdensity,wechatwork,flowdock,netcallid,signalwire,openfaas,webhookurls,webhookgenerictemplates,webhookgenericblocks,webhookemails,webhooksmtptemplates,webhooksmtpblocks,webhooksmstemplates,webhooksmsblocks,webhookteamstemplates,webhookteamsblocks,webhooklinetemplates,webhooklineblocks,webhookcustomtemplates,webhookcustomblocks,webhookgdrivetemplates,webhookgdriveblocks,webhookboxtemplates,webhookboxblocks,webhookconfluencetemplates,webhookconfluenceblocks,webhooktrellotemplates,webhooktrelloblocks,webhookjiratemplates,webhookjirablocks,webhookgithubtemplates,webhookgithubblocks,webhookgitlabtemplates,webhookgitlabblocks,webhookredminetemplates,webhookredmineblocks,webhookprometheustemplates,webhookprometheusblocks,webhookgrafanatemplates,webhookgrafanablocks,webhooklokitemplates,webhooklokiblocks,webhookprometheusalertmanagertemplates,webhookprometheusalertmanagerblocks,webhookprometheusblackboxexportertemplates,webhookprometheusblackboxexporterblocks,webhookprometheusnodeexportertemplates,webhookprometheusnodeexporterblocks,webhookprometheuspushgatewaytemplates,webhookprometheuspushgatewayblocks,webhookprometheuscadvisortemplates,webhookprometheuscadvisorblocks,webhookprometheuscortextemplates,webhookprometheuscortexblocks,webhookprometheusthanostemplates,webhookprometheusthanosblocks,webhookprometheusjaegertemplates,webhookprometheusjaegerblocks,webhookprometheuszipkintemplates,webhookprometheuszipkinblocks
Uncomment the following line to enable API key authentication: apikey: YOUR_API_KEY_HERE  Uncomment the following line to enable Bearer token authentication: bearertoken: YOUR_BEARER_TOKEN_HERE  Uncomment the following line to enable OAuth2 authentication: oauth2: YOUR_OAUTH2_CLIENT_ID YOUR_OAUTH2_CLIENT_SECRET YOUR_OAUTH2_AUTHORIZE_URL YOUR_OAUTH2_TOKEN_URL YOUR_OAUTH2_REDIRECT_URL YOUR_OAUTH2_SCOPES  Uncomment the following line to enable JWT authentication: jwt: YOUR_JWT_PUBLIC_KEY YOUR_JWT_PRIVATE_KEY  Uncomment the following line to enable GCP Cloud IAM authentication: gcpcloudiam: YOUR_GCP_PROJECT YOUR_GCP_SA JSON YOUR_GCP_KEYRING YOUR_GCP_KEYJSON YOUR_GCP_SERVICEACCOUNTEMAIL YOUR_GCP_BUCKETNAME YOUR_GCP_REGION YOUR_GCP_ZONE YOUR_GCP_CONTAINERNAME YOUR_GCP_OBJECTNAME YOUR_GCP_METHOD YOUR_GCP_POLICYNAME YOUR_GCP_POLICYID YOUR_GCP_POLICYTAGS YOUR_GCP_ROLENAME YOUR_GCP_ROLEID YOUR_GCP_ROLEPOLICYNAMES YOUR_GCP_ROLEPOLICYIDS YOUR_GCP_ROLEPOLICYTAGS YOUR_GCP