How to install Crowdsec on Proxmox VE 8 correct

This article describes how to install crowdsec on an proxmox ve environment. Only 5 Steps are required.

Crowdsec is the new Fail2ban and should be preferred today due to decentralization alone. Fail2ban has been on the market for a long time and is therefore indispensable for Proxmox installations, but the good new alternative Crowdsec is a bit better.

Here now follows the instructions how to add Crowdsec on a Proxmox VE 8.0 installation.

NOTE: Even if Fail2ban is already installed on your system, you can easily add Crowdsec. For new installations please use Crowdsec only.

How to install

  1. Crowdsec Repository

    The first thing to do is to add the Crowdsec repository.

curl -s https://packagecloud.io/install/repositories/crowdsec/crowdsec/script.deb.sh | sudo bash
  1. Install Crowdsec

    Crowdsec will be installed on the system

sudo apt install crowdsec
  1. Add firewall IPTables bouncer

    The bouncer is responsible for keeping the lists for the IPTables up to date.

sudo apt install crowdsec-firewall-bouncer
  1. Small change in the configuration for the SQLite database

    Add the "use_wal: true" in the area "db_config".

File: nano /etc/crowdsec/config.yaml
db_config:
  log_level: info
  type: sqlite
  db_path: /var/lib/crowdsec/data/crowdsec.db
  use_wal: true
  1. Ready

    Start the software with the following command. Autostart is already enabled here.

service crowdsec start
  1. Optional - Crowdsec Dashboard

    Additionally you can add the agent to the Crowdsec Dashboard. To do this, log in to Crowdsec on the website and create a new engine. There you will get an enroll code which you have to execute on the console. Here is an example:

sudo cscli console enroll cljpek1420011mn088ta9y2xn