Skip to content

Documentation changes to address : Maintainer Alignment: Documentatio… #96

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
oidebrett wants to merge 1 commit into
base: pangolin
Choose a base branch
from
Open

Documentation changes to address : Maintainer Alignment: Documentatio… #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -128,3 +128,7 @@ dist
.yarn/install-state.gz
.pnp.*
.omx/

# ios build files
mobile/ios/App/App.xcworkspace/contents.xcworkspacedata
mobile/ios/App/Podfile.lock
Comment on lines +133 to +134
Copy link
Copy Markdown

@gemini-code-assist gemini-code-assist Bot Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The Podfile.lock file should typically be tracked in version control for application projects. It ensures that all developers and the CI/CD environment use the exact same versions of dependencies, preventing inconsistent behavior across environments caused by version mismatches.

mobile/ios/App/App.xcworkspace/contents.xcworkspacedata

6 changes: 3 additions & 3 deletions docs/content/docs/api/overview.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ Responses are generally returned in JSON format.

```json
{
"status": "success",
"success": true,
"data": { ... }
}
```
Expand All @@ -34,7 +34,7 @@ Responses are generally returned in JSON format.

```json
{
"status": "error",
"message": "Error description"
"success": false,
"error": "Error description"
}
```
2 changes: 1 addition & 1 deletion docs/content/docs/development/architecture.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ CrowdSec Manager is built as a monolithic application with a clear separation be
## Backend (Go)

The backend is written in Go and handles:
- **API Server**: Exposes REST endpoints using `chi` router.
- **API Server**: Exposes REST endpoints using `gin-gonic/gin` router.
- **Docker Integration**: Communicates with the Docker daemon via the Docker SDK.
- **Database**: Uses SQLite for storing configuration and state.
- **Background Jobs**: Runs cron jobs for backups and maintenance.
Expand Down
2 changes: 1 addition & 1 deletion docs/content/docs/development/contributing.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ We welcome contributions to CrowdSec Manager!
```

2. **Install dependencies**:
- Go 1.21+
- Go 1.23+
- Node.js 18+
- Docker

Expand Down
76 changes: 76 additions & 0 deletions docs/content/docs/features/config-validation.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
---
title: Config Validation
description: Detect drift between running config and saved snapshots
---

# Config Validation

The Config Validation feature allows you to detect configuration drift between the current running configuration of CrowdSec Manager and saved configuration snapshots. This helps ensure consistency and identify unintended changes.

## Features

- **Configuration Drift Detection**: Compare running configuration against saved snapshots
- **Snapshot Management**: Create, list, and restore configuration snapshots
- **Detailed Diff Reports**: View specific differences between configurations
- **Automated Validation**: Schedule regular configuration validation checks

## API Endpoints

The Config Validation exposes the following API endpoints under the `/api/config-validation` prefix:

### Snapshots

- `POST /config-validation/snapshot` - Create a new configuration snapshot
Comment on lines +19 to +23
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P1 Badge Remove unsupported config-validation API documentation

This section documents a full /api/config-validation API surface, but there are no corresponding server routes or handlers in the codebase (the registered API groups in internal/api/routes.go do not include any config-validation group). As written, users following these endpoint examples will always get 404 responses, so this should be clearly marked as not yet implemented or updated to match real endpoints.

Useful? React with 👍 / 👎.

- `GET /config-validation/snapshots` - List all saved configuration snapshots
- `GET /config-validation/snapshot/:id` - Get details of a specific snapshot
- `DELETE /config-validation/snapshot/:id` - Delete a configuration snapshot

### Validation

- `POST /config-validation/validate` - Validate current configuration against a snapshot
- `GET /config-validation/validation/:id` - Get results of a specific validation
- `GET /config-validation/validations` - List all validation results

### Restoration

- `POST /config-validation/restore/:id` - Restore configuration from a snapshot

## Usage Examples

### Creating a Snapshot

```bash
curl -X POST http://localhost:8080/api/config-validation/snapshot \
-H "Content-Type: application/json" \
-d '{
"name": "pre-update-backup",
"description": "Backup before applying security updates"
}'
```

### Validating Configuration

```bash
curl -X POST http://localhost:8080/api/config-validation/validate \
-H "Content-Type: application/json" \
-d '{
"snapshot_id": "abc123",
"check_items": ["api_config", "database_config", "docker_settings"]
}'
```

### Restoring from Snapshot

```bash
curl -X POST http://localhost:8080/api/config-validation/restore/abc123
```

## Configuration

Config validation behavior can be customized through environment variables or the configuration file. Refer to the [Configuration](../configuration/index.mdx) documentation for details.

## Related Topics

- [Configuration](../configuration/index.mdx)
- [Backup and Restore](../features/backups.mdx)
- [History](../features/history.mdx)
93 changes: 93 additions & 0 deletions docs/content/docs/features/history.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,93 @@
---
title: History
description: Decision history with trends, charts, geographic data
---

# History

The History feature provides persistent storage and analysis of CrowdSec decisions and alerts over time. This enables you to track security events, identify trends, and generate reports for compliance and auditing purposes.

## Features

- **Decision History**: Persistent storage of all bans, captchas, and other decisions made by CrowdSec.
- **Alert History**: Complete history of alerts generated by CrowdSec scenarios.
- **Trend Analysis**: Visualize security event trends over time with charts and graphs.
- **Geographic Data**: View the geographic origin of attacks on a world map.
- **Repeated Offenders**: Identify IP addresses that repeatedly trigger security events.
- **Configurable Retention**: Set how long history data is stored before automatic cleanup.
- **Reapply Decisions**: Re-insert historical decisions back into CrowdSec for immediate effect.
- **Bulk Operations**: Reapply multiple historical decisions at once.

## API Endpoints

The History exposes the following API endpoints under the `/api` prefix:

### Decision History

- `GET /crowdsec/decisions/history` - Retrieve persisted decision history with filtering options.
- `POST /crowdsec/decisions/history/reapply` - Re-insert a historical decision into CrowdSec.
- `POST /crowdsec/decisions/history/bulk-reapply` - Re-insert multiple historical decisions.

### Alert History

- `GET /crowdsec/alerts/history` - Retrieve persisted alert history with filtering options.

### History Statistics

- `GET /crowdsec/history/stats` - Get aggregate counts for the history dashboard.

### Configuration

- `GET /crowdsec/history/config` - Get current history retention configuration.
- `PUT /crowdsec/history/config` - Update history retention configuration.

### Repeated Offenders

- `GET /crowdsec/decisions/repeated-offenders` - Get list of repeated offenders from history.

### Hub Operation History

- `GET /hub/history` - List hub operation history with filtering options.
- `GET /hub/history/:id` - Get details of a specific hub operation.

## Usage Examples

### Retrieving Decision History

```bash
curl "http://localhost:8080/api/crowdsec/decisions/history?limit=100&scenario=crowdsecurity/ssh-bf&since=24h"
```

### Reapplying a Decision

```bash
curl -X POST http://localhost:8080/api/crowdsec/decisions/history/reapply \
-H "Content-Type: application/json" \
-d '{
"id": 12345,
"type": "ban",
"duration": "24h",
"reason": "Reapplying due to continued malicious activity"
}'
```

### Updating History Retention

```bash
curl -X PUT http://localhost:8080/api/crowdsec/history/config \
-H "Content-Type: application/json" \
-d '{
"retention_days": 30
}'
```

## Configuration

History behavior can be customized through environment variables or the configuration file. Refer to the [Configuration](../configuration/index.mdx) documentation for details.

## Related Topics

- [Configuration](../configuration/index.mdx)
- [Decisions](../features/decisions.mdx)
- [Alerts](../features/alerts.mdx)
- [Hub Browser](../features/hub.mdx)
86 changes: 86 additions & 0 deletions docs/content/docs/features/hub.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
---
title: Hub Browser
description: Browse, install, upgrade CrowdSec collections, parsers, scenarios
---

# Hub Browser

The Hub Browser allows you to manage CrowdSec hub items (collections, parsers, scenarios, postoverflows, etc.) directly from the CrowdSec Manager interface. You can browse available items, install new ones, upgrade existing items, and remove items you no longer need.

## Features

- **Browse Hub Items**: View all available hub items by category.
- **Install Items**: Install new hub items from the CrowdSec hub.
- **Upgrade Items**: Upgrade installed hub items to their latest versions.
- **Remove Items**: Remove hub items that are no longer needed.
- **Manual Apply**: Apply custom YAML configurations directly to the CrowdSec container.
- **Preference Management**: Set default behaviors for hub operations per category.
- **Operation History**: Audit all hub operations performed through the manager.

## API Endpoints

The Hub Browser exposes the following API endpoints under the `/api/hub` prefix:

### Categories

- `GET /hub/categories` - List all supported hub categories with metadata.

### Items

- `GET /hub/list` - Legacy endpoint for browsing all hub items (raw format).
- `GET /hub/:category/items` - List hub items for a specific category.
- `POST /hub/:category/install` - Install a hub item in the specified category.
- `POST /hub/:category/remove` - Remove a hub item from the specified category.
- `POST /hub/:category/manual-apply` - Apply a custom YAML file to the CrowdSec container.

### Preferences

- `GET /hub/preferences` - Get all hub preferences.
- `GET /hub/preferences/:category` - Get preference for a specific category.
- `PUT /hub/preferences/:category` - Update preference for a specific category.

### History

- `GET /hub/history` - List hub operation history with filtering options.
- `GET /hub/history/:id` - Get details of a specific hub operation.

### Upgrades

- `POST /hub/upgrade` - Upgrade all hub items to their latest versions.

## Usage Examples

### Listing Categories

```bash
curl http://localhost:8080/api/hub/categories
```

### Installing a Scenario

```bash
curl -X POST http://localhost:8080/api/hub/scenarios/install \
-H "Content-Type: application/json" \
-d '{"item_name": "crowdsecurity/ssh-bf"}'
```

### Applying Custom YAML

```bash
curl -X POST http://localhost:8080/api/hub/parsers/manual-apply \
-H "Content-Type: application/json" \
-d '{
"filename": "custom-parser.yaml",
"yaml": "filter: ...",
"target_path": "/etc/crowdsec/parsers/custom-parser.yaml"
}'
```

## Configuration

Hub behavior can be customized through environment variables or the configuration file. Refer to the [Configuration](../configuration/index.mdx) documentation for details.
Copy link
Copy Markdown

@chatgpt-codex-connector chatgpt-codex-connector Bot Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Link Configuration references to an existing page

This link points to ../configuration/index.mdx, but there is no docs/content/docs/configuration/index.mdx file in the repository, so readers are sent to a dead page. The new feature docs repeat this target in multiple places, so these references should be updated to an existing configuration doc (or an index page should be added).

Useful? React with 👍 / 👎.


## Related Topics

- [Configuration](../configuration/index.mdx)
- [Backup and Restore](../features/backups.mdx)
Loading