So I recently spun up a linode server for accessing my home services outside of my network. Have my internal services accessed through a zerotier network to keep my firewall ports closed. I then set up an instance of Nginx Proxy Manager using docker. I have secured my services using the NPM access list feature. I set up my firewall on the linode instance to only expose port 80 and 443 to the public, and the ssh and NPM interface can only be accessed through the zerotier network. I then set up croudsec and bouncer on the linode instance.
My question is this. Since my logs are in a different location than /var/log/ how can I point crowdsec to the docker container logs? And can the the croudsec bouncer even block ip’s to the docker container since the docker firewall rules seem to be independent from the rest of the system.
