README.md

Example

Install vagrant

On linux

curl -fsSL https://apt.releases.hashicorp.com/gpg | sudo tee /usr/share/keyrings/hashicorp-archive-keyring.asc
echo "deb [ signed-by=/usr/share/keyrings/hashicorp-archive-keyring.asc ] https://apt.releases.hashicorp.com $(lsb_release -cs) main" | sudo tee /etc/apt/sources.list.d/hashicorp.list
sudo apt-get update && sudo apt-get install vagrant

Install libvirt

sudo apt install -y qemu-kvm virt-manager libvirt-daemon-system virtinst libvirt-clients bridge-utils
sudo systemctl enable --now libvirtd
sudo systemctl start libvirtd
sudo usermod -aG kvm $USER
sudo usermod -aG libvirt $USER

Install the plugin vagrant-libvirt

vagrant plugin install vagrant-libvirt

Start the VM

sudo vagrant up --provider=libvirt

Destroy the VM

sudo vagrant destroy -f

SSH in the VM

sudo vagrant ssh

Context

Traefik is installed as a systemd service. It is configured with the dashboard activated and listening on port 8081 and port 80 for the web

Crowdsec is started and listening on port 8080. Certificates are generated on the provision step of vagrant.

Whoami is installed as a systemd service. It is configured to listen on port 9000.

Whoami is accessible from traefik on port 80 at any domain and path

For example: curl http://localhost:80/test

The Plugin / Bouncer use certificates to validate the server certificates and authenticates with the Crowdsec local api.