Migration from v0.X to v1.X¶
Migrating to V1.X will impact (any change you made will be lost and must be adapted to the new configuration) :
To upgrade crowdsec-agent from v0.X to v1, we'll follow those steps
Backup up configuration¶
sudo cscli backup save /tmp/crowdsec_backup sudo cp -R /etc/crowdsec/config/patterns /tmp/crowdsec_backup
Uninstall old version & install new¶
Download latest V1 crowdsec-agent version here
tar xvzf crowdsec-release.tgz cd crowdsec-v1*/ sudo ./wizard.sh --uninstall sudo rm /etc/cron.d/crowdsec_pull sudo ./wizard.sh --bininstall
Don't forget to remove metabase dashboard if you installed it manually (without cscli).
Before restoring old backup, if you have
tainted postoverflows, be aware that they are no longer compatible. You should update the syntax (the community and us are available to help you doing this part).
sudo cscli hub update sudo cscli config restore --old-backup /tmp/crowdsec_backup/ sudo cp -R /tmp/crowdsec_backup/patterns /etc/crowdsec/
Register crowdsec to local & central API¶
$ sudo cscli machines add -a INFO Machine '...' created successfully INFO API credentials dumped to '/etc/crowdsec/local_api_credentials.yaml'
Before starting the services, let's check that we're properly registered :
$ sudo cscli capi status INFO Loaded credentials from /etc/crowdsec/online_api_credentials.yaml INFO Trying to authenticate with username ... on https://api.crowdsec.net/ INFO You can successfully interact with Central API (CAPI)
Start & health check¶
Finally, you will be able to start crowdsec-agent service. Before that, just check if local API (LAPI) and API are correctly configured.
$ sudo systemctl enable crowdsec $ sudo systemctl start crowdsec $ sudo cscli lapi status INFO Loaded credentials from /etc/crowdsec/local_api_credentials.yaml INFO Trying to authenticate with username ... on http://127.0.0.1:8080/ INFO You can successfully interact with Local API (LAPI) $ sudo cscli capi status INFO Loaded credentials from /etc/crowdsec/online_api_credentials.yaml INFO Trying to authenticate with username ... on https://api.crowdsec.net/ INFO You can successfully interact with Central API (CAPI)
If you're facing issues with
cscli lapi status, just re-run
cscli machines add -a.
If you're facing issues with
cscli capi status, just re-run
cscli capi register
You can check logs (located by default here:
You can now navigate documentation to learn new cscli commands to interact with crowdsec.
If you were using bouncers (formerly called blocker(s)), you need to replace them by the new compatibles bouncers, available on the hub (selecting
agent version to
Following your bouncer type (netfilter, nginx, wordpress etc...), you need to replace them by the new available bouncers on the hub, please follow the bouncers documentation that will help you to install easily.