---
# https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/tree/main/examples/kubernetes
# https://docs.crowdsec.net/u/getting_started/installation/kubernetes/
apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  name: crowdsec
  namespace: flux-system
spec:
  interval: 10m
  releaseName: crowdsec
  targetNamespace: crowdsec
  chart:
    spec:
      chart: crowdsec
      sourceRef:
        kind: HelmRepository
        name: crowdsec
        namespace: flux-system
      interval: 10m
  values:
    # for raw logs format: json or cri (docker|containerd)
    container_runtime: containerd
    agent:
      # Specify each pod whose logs you want to process
      acquisition:
        # The namespace where the pod is located
        - namespace: traefik
          # The pod name
          podName: traefik-*
          # as in crowdsec configuration, we need to specify the program name to find a matching parser
          program: traefik
      env:
        - name: COLLECTIONS
          value: "crowdsecurity/linux crowdsecurity/traefik crowdsecurity/http-dos crowdsecurity/base-http-scenarios"
    lapi:
      env:
        # To enroll the Security Engine to the console
        - name: ENROLL_KEY
          valueFrom:
            secretKeyRef:
              name: crowdsec
              key: crowdsec-enroll-key
        - name: ENROLL_INSTANCE_NAME
          value: "dolo"
        - name: ENROLL_TAGS
          value: "k8s linux dolo"