kaffa/cf-bouncer-manager
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fee463636380ab8dad01228e01c599b19b628374
cf-bouncer-manager/CLAUDE.md
kaffa 2f361c2574 Initial commit: CrowdSec Cloudflare Bouncer Manager 
CrowdSec Cloudflare Worker Bouncer 도메인 관리 CLI 도구
- 도메인 CRUD (list, show, add, edit, remove)
- Cloudflare 동기화 (sync, available)
- 설정 백업/복원 (backup, restore, diff)
- 상태 모니터링 (status, logs, decisions, metrics)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-02-05 17:04:58 +09:00

63 lines
2.3 KiB
Markdown
Raw Blame History

# CLAUDE.md
This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
## Project Overview
CrowdSec Cloudflare Bouncer Manager (`cf-bouncer-manager`) is a Korean-language CLI tool for managing the CrowdSec Cloudflare Worker Bouncer. It manages protected domains, Turnstile CAPTCHA settings, and bouncer configuration through Incus/LXD containers.
## Development Commands
```bash
# Run the CLI (via uv package manager)
uv run python cf_bouncer.py [command] [options]
# Or use the wrapper script
./cfb [command] [options]
# Install dependencies
uv sync
```
## Architecture
**Runtime Environment:**
- Python 3.13+ with `uv` as the package manager
- Interacts with Incus/LXD containers: `cs-cf-worker-bouncer` (bouncer service) and `crowdsec` (security engine)
- Configuration stored at `/etc/crowdsec/bouncers/crowdsec-cloudflare-worker-bouncer.yaml` inside the container
**Key Components in cf_bouncer.py:**
- **CLI Framework:** Typer with Rich console output
- **Container Interaction:** `run_incus()` wrapper for all container commands with 60s timeout
- **Config Management:** YAML read/write via Incus exec, automatic backup before writes (keeps 20)
- **Cloudflare API:** Domain/zone queries with pagination support, 30s request timeout
- **Audit Logging:** All actions logged to `~/cf-bouncer-manager/history.log`
**Data Flow:**
1. CLI command → Read config from container via Incus
2. Modify config in memory
3. Backup existing config → Write new config → Optionally restart service via `do_apply()`
## CLI Commands
`list`, `show`, `add`, `edit`, `remove` - Domain CRUD operations
`sync` - Bulk import all Cloudflare zones
`apply` - Restart bouncer service to apply changes
`status` - Check bouncer process and CrowdSec status
`available` - List unprotected Cloudflare domains
`logs [-f]` - View bouncer logs (with optional follow)
`decisions`, `metrics` - CrowdSec data queries
`backup`, `restore`, `diff` - Configuration backup management
`export` - Export domain list to YAML/JSON
`history` - View action history
## Dependencies
Core: `typer`, `pyyaml`, `requests`, `rich` (see pyproject.toml)
## External Requirements
- Incus/LXD with containers: `cs-cf-worker-bouncer`, `crowdsec`
- Cloudflare API token configured in bouncer YAML
- Access to `/etc/crowdsec/bouncers/` directory
Reference in New Issue View Git Blame Copy Permalink