Unable to connect Bouncer on Docker

  • Resolved nobullwebsites

    (@nobullwebsites)


    1 year, 6 months ago

    I’m just doing some testing on RunClouds new docker setup.

    Local API URL: https://localhost:8080
    Bouncing: Flex
    API Key: Entered

    When I hit test bouncing, I get the following error:

    Technical error while testing bouncer connection: Unexpected HTTP call failure.

    Any tips?

Viewing 5 replies - 1 through 5 (of 5 total)

  • Hi @nobullwebsites ,
    Thanks for your message.

    If you are working with docker, you probably have some “web” container (with php, nginx or apache) and an another container for crowdsec.
    If you have another setup, please give some details about it : where did you install the crowdsec agent for example?

    From the “web” container, crowdsec is not accessible with the “localhost” uri.

    First step should be to find which url you have to call from the “web” container to access the “crowdsec” container.

    Then you could make a simple curl test (from the web container):

    curl -H "X-Api-Key:your-bouncer-api-key" your-crowdsec-url:8080/v1/decisions\?ip=192.168.1.254

    It should look like below:

    curl -H "X-Api-Key:ab4429********725d43feb2" https://your-crowdsec-url:8080/v1/decisions\?ip=192.168.1.254

    thanks

    Thread Starter nobullwebsites

    (@nobullwebsites)

    Thank you for your reply. Crowdsec is installed to /etc/crowdsec. I looked in the local_api_credentials.yaml and the URL is https://127.0.0.1:8080. The online_api_credentials.yaml URL is https://api.crowdsec.net.

    What you’re saying makes sense. I installed Crowdsec agent to the server using the usual instructions:

    curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash

    sudo apt install crowdsec -y

    sudo apt install crowdsec-firewall-bouncer-iptables -y

    I guess because the webapp is containerised, it cannot connect to anything localhost. Do you have any tips on how to find the correct value for the localhost field in WordPress bouncer setup?

    Thanks again for your help with this.

    If I understand correctly, crowdsec is installed inside the web container itself. So, it should be accessiible directly.

    Can you try the curl test call :

    curl -H "X-Api-Key:your-bouncer-api-key" https://127.0.0.1:8080/v1/decisions\?ip=192.168.1.254

    to see if there is an error ?

    To see more logs from the WordPress bouncer itself, you can enable the debug mode in the Adavnced settings. When this mode is enabled, a debug.log file will be written in wp-content/plugins/crowdsec/logs folder.

    Thanks

    Thread Starter nobullwebsites

    (@nobullwebsites)

    I think Crowdsec must be installed outside of the container which is why I’m having issues. According to Runcloud documentation, I need to replace localhost or 127.0.0.1 with “host”, but I still can’t get it to work.
    https://runcloud.io/knowledgebase/articles/docker/why-containerized-server-using-host-instead-of-localhost-or-127001

    I’m going to give up for now and readdress it when I have some more free time. Thank you kindly for your help!

    Hi, I’m closing this issue. Happy to continue the conversation here or elsewhere.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Unable to connect Bouncer on Docker’ is closed to new replies.