Merge branch 'main' into improve_community_blocklist

.github/workflows/build_doc.yaml

@@ -10,11 +10,11 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - name: Use Node.js 18.x
-        uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - name: Use Node.js 20.x
+        uses: actions/setup-node@v4
         with:
-          node-version: 18.x
+          node-version: 20.x
       - name: Install dependencies
         run: npm ci
         working-directory: ./crowdsec-docs/

.gitignore

@@ -1 +1,2 @@
-.vscode
+.vscode
+node_modules

amplify.yml

@@ -0,0 +1,16 @@
+version: 1
+frontend:
+  phases:
+    build:
+      commands:
+        - nvm use 20
+        - cd crowdsec-docs
+        - npm install
+        - npm run build
+  artifacts:
+    baseDirectory: crowdsec-docs/build
+    files:
+      - "**/*"
+  cache:
+    paths:
+      - crowdsec-docs/node_modules/**/*

crowdsec-docs/docs/appsec/installation.md

@@ -102,13 +102,13 @@ tcp        0      0 127.0.0.1:7422          0.0.0.0:*               LISTEN
 
 ## Configuration : Remediation component
 
-Configuring the AppSec component [accross remediation components](/appsec/installation#pre-requisites) can vary:
+Configuring the AppSec component [accross remediation components](appsec/installation.md#pre-requisites) can vary:
 
-| Name      | Minimum Version | Public Doc |
-| --------- | --------------- | ----------- |
-| nginx     | 1.0.6rc         | [Public Doc](/u/bouncers/nginx#application-security-component-configuration) |
-| openresty | 1.0.1rc         | [Public Doc](/u/bouncers/openresty#application-security-component-configuration) |
-| traefik | 1.2.0 | [Public Doc](https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/blob/main/examples/appsec-enabled/README.md) |
+| Name      | Minimum Version | Public Doc                                                                                                                |
+| --------- | --------------- | ------------------------------------------------------------------------------------------------------------------------- |
+| nginx     | 1.0.6rc         | [Public Doc](/u/bouncers/nginx#application-security-component-configuration)                                              |
+| openresty | 1.0.1rc         | [Public Doc](/u/bouncers/openresty#application-security-component-configuration)                                          |
+| traefik   | 1.2.0           | [Public Doc](https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin/blob/main/examples/appsec-enabled/README.md) |
 
 
 :::info
@@ -138,4 +138,4 @@ And if we look at it in a browser, the user is presented with the HTML page emit
 ## Et Voila !
 
 Your application should now be protected from the most common exploitation attempts.  
-[If you have already enrolled your instance in the console](/docs/next/console/enrollment), you will see alerts appearing there too!
+[If you have already enrolled your instance in the console](/u/getting_started/post_installation/console#engines-page), you will see alerts appearing there too!

crowdsec-docs/docs/appsec/intro.md

@@ -24,9 +24,9 @@ This component capitalizes on existing remediation functions in web servers (suc
 ![appsec-global](/img/appsec-global.svg)
 
 1. The Web Server receives the HTTP request
-2. The HTTP Request is intercepted and passed to the CrowdSec Security Engine via [the HTTP API](/appsec/protocol.md)
+2. The HTTP Request is intercepted and passed to the CrowdSec Security Engine via [the HTTP API](appsec/protocol.md)
 3. The Security Engine answers to the Web Server once the Appsec inband rules have been processed.
-4. Based on the [Security Engine answer](/appsec/protocol#response-code), the Web Server either blocks the HTTP Request or processes it as usual
+4. Based on the [Security Engine answer](appsec/protocol.md#response-code), the Web Server either blocks the HTTP Request or processes it as usual
 
 ## Inband Rules and Out-Of-Band Rules
 
@@ -70,7 +70,8 @@ You can follow our quick start guides depending on your web server:
 Or consider learning more about the AppSec capabilities:
 
 -   **Rules**: [How to read, write and debug rules](/appsec/rules_syntax.md)
--   **Scenarios**: [How to create scenarios that leverage the AppSec Component events](#TODO)
+ <!-- TODO -->
+-   **Scenarios**: How to create scenarios that leverage the AppSec Component events
 -   **Hooks**: [For advanced use let's talk about possible Hooks](/appsec/hooks.md)
 -   **Troubleshoot**: [How to troubleshoot the behavior of the AppSec Component](/appsec/troubleshooting.md)
 -   **AppSec Protocol**: [if you're maintaining or creating a remedation component and want to add the AppSec capabilities](/appsec/protocol.md)

crowdsec-docs/docs/appsec/quickstart/nginxopenresty.mdx

@@ -81,7 +81,7 @@ Steps:
 
 The two important directives in this configuration file are:
 
- - `appsec_config` is the name of the [*AppSec Configuration*](/appsec/configuration.md#appsec-configuration) that was included in the [Collection](/concepts.md#colleccollectionstion) we just installed.
+ - `appsec_config` is the name of the [*AppSec Configuration*](appsec/configuration.md#appsec-configuration) that was included in the [Collection](/concepts.md#collections) we just installed.
  - the `listen_addr` is the IP and port the AppSec Component will listen to.
 
 :::warning

crowdsec-docs/docs/appsec/troubleshooting.md

@@ -63,7 +63,7 @@ DEBU[2023-12-06 15:40:26] Finish evaluating rule                        band=inb
 ## Authenticating with the AppSec Component
 
 :::note
-We are assuming the AppSec engine is running on `127.0.0.1:7422`. See [installation directives](/docs/next/appsec/install)
+We are assuming the AppSec engine is running on `127.0.0.1:7422`. See [installation directives](/docs/next/appsec/installation)
 :::
 
 > Create a valid API Key

crowdsec-docs/docs/concepts.md

@@ -65,7 +65,7 @@ The `labels` part is here to tag the incoming logs with a type. `labels.type` ar
 
 ## Application Security Component
 
-[[References](/appsec/intro.md)]
+[[References](appsec/intro)]
 
 The Application Security Component is a special datasource that allows the supported remediation components to forward HTTP requests to crowdsec for analysis, before they can reach the application.
 Because CrowdSec can analyse the request and take a decision before it reaches the application, the combo of the Application Security Component and the remediation components acts as a Web Application Firewall (WAF).
@@ -142,9 +142,9 @@ You can as well [write your own](/scenarios/create.md)!
 
 ## AppSec Rules
 
-[[References](/appsec/intro.md)]
+[[References](appsec/intro)]
 
-An AppSec rule is a YAML configuration file that describe a rule for the [Application Security Component](/appsec/intro.md).
+An AppSec rule is a YAML configuration file that describe a rule for the [Application Security Component](appsec/intro).
 
 An AppSec rule can match on various aspect of an HTTP request, such as the verb, the URI, the headers, the parameters, the body, etc.
 You can use them to detect and block exploitation of specific vulnerabilities (virtual patching) or to write more generic WAF rules.
@@ -153,12 +153,12 @@ Contrary to scenarios, appsec rules can block a request before it reaches the ap
 
 ## AppSec Configs
 
-An Appsec Config file is a YAML configuration file that tell the [Application Security Component](/appsec/intro.md) which rules should be loaded, and in which band (in-band or out-of-band).
+An Appsec Config file is a YAML configuration file that tell the [Application Security Component](appsec/intro) which rules should be loaded, and in which band (in-band or out-of-band).
 
 The config also expose hooks allowing you to customize at runtime the behavior of the AppSec component (disable a rule on a specific URL, apply a captcha if a specific rule is triggered, etc.)
 
 
-[[References](/appsec/intro.md)]
+[[References](appsec/intro)]
 
 ## Collections
 

crowdsec-docs/docs/data_sources/appsec.md

@@ -6,9 +6,9 @@ title: Application Security Component
 
 This module allows you to enable the `Application Security Component` as a data source.
 
-A more detailed documentation is available [here](/appsec/intro.md).
+A more detailed documentation is available [here](/docs/next/appsec/intro).
 
-A quickstart tutorial is available [here](/appsec/quickstart.md).
+A quickstart tutorial is available for [Nginx/OpenResty](/docs/next/appsec/quickstart/nginxopenresty) and [Traefik](/docs/next/appsec/quickstart/traefik).
 
 ## Configuration example
 

crowdsec-docs/docs/getting_started/install_opnsense.md

@@ -27,7 +27,7 @@ Do not enable/start the services from the terminal like you would on a standard
 
 Refresh the page and go to `Services > CrowdSec > Overview` to verify the running services and installed configurations.
 
-Great, you now have CrowdSec installed on your system. Have a look at the [post installation steps](/getting_started/next_steps.md) to see how to to configure and optimize it,
+Great, you now have CrowdSec installed on your system. Have a look at the [post installation steps](/u/getting_started/next_steps) to see how to to configure and optimize it,
 these recommendations are valid for any system.
 
 

crowdsec-docs/docs/getting_started/install_pfsense.md

@@ -141,8 +141,7 @@ and `crowdsec-firewall-bouncer.log`.
 
 ## Service Management
 
-Both services, Security Engine (crowdsec) and Remediation (crowdsec-firewall-bouncer) can be
-controlled from [Status/Services](/status_services.php).
+Both services, Security Engine (crowdsec) and Remediation (crowdsec-firewall-bouncer) can be controlled from `Status/Services`.
 The equivalent shell commands are `service crowdsec.sh start/stop/restart` and `service crowdsec_firewall.sh start/stop/restart`. Note the ending **.sh**!
 
 ## Viewing blocked IPs

crowdsec-docs/docs/getting_started/install_pyagent.md

@@ -6,7 +6,7 @@ sidebar_position: 1
 
 # Using our Python SDK
 
-This python SDK is designed for signal sharing partners to send signals and benefit from the community blocklist. Learn more about [signal sharing](TODO).
+ This python SDK is designed for signal sharing partners to send signals and benefit from the community blocklist. <!-- Learn more about [signal sharing](TODO). -->
 
 Our SDK does the heavy lifting of the CAPI connectivity so you can simply, sendSignals and getDecisions, as well as enroll your soft-agent into the console.
 
@@ -82,7 +82,7 @@ decisions = client.get_decisions(
 
 ```
 
-To obtain attachment key for enrolling a machine see [this doc](../console/enrollment/#where-can-i-find-my-enrollment-key) 
+To obtain attachment key for enrolling a machine see [this doc](/u/getting_started/post_installation/console/#engines-page) 
 
 See reference section for more details. 
 

crowdsec-docs/docs/intro.mdx

@@ -49,8 +49,8 @@ In addition to the core "detect and react" mechanism, CrowdSec is committed to s
 
 Under the hood, the Security Engine has various components:
 
--   The Log Processor is in charge of detection: it analyzes logs from [various data sources](/docs/data_sources/intro) or [HTTP requests](/appsec/intro.md) from web servers.
--   The [Appsec](/appsec/intro.md) feature is part of the Log Processor and filters HTTP Requests from the compatible web servers.
+-   The Log Processor is in charge of detection: it analyzes logs from [various data sources](data_sources/intro) or [HTTP requests](appsec/intro) from web servers.
+-   The [Appsec](appsec/intro) feature is part of the Log Processor and filters HTTP Requests from the compatible web servers.
 -   The [Local API](/local_api/intro.md) acts as a middle man:
     -   Between the [Log Processors](/docs/data_sources/intro) and the [Remediation Components](/u/bouncers/intro) which are in charge of enforcing decisions.
     -   And with the [Central API](/central_api/intro.md) to share alerts and receive blocklists.
@@ -64,7 +64,7 @@ This architecture allows for both simple/standalone setups, or more distributed
 -   Already have a log pit (such as rsyslog or loki)? Run crowdsec next to it, not on the production workloads
 -   Running Kubernetes? Have a look at [our helm chart](/u/getting_started/installation/kubernetes)
 -   Running containers? The [docker data source](/docs/data_sources/docker) might be what you need
--   Just looking for a WAF? Look at [our quickstart](/appsec/intro.md)
+-   Just looking for a WAF? Look at [our quickstart](appsec/intro)
 
 Distributed architecture example:
 

crowdsec-docs/docs/whitelist/postoverflow_based_whitelist.md

@@ -11,7 +11,7 @@ Whitelists in PostOverflows are applied _after_ the bucket overflow happens. Ple
 
 In PostOverflows, the `evt.Parsed` object will be empty at this stage.
 
-It means that you must work with the [`evt.Overflow`](/expr/event.md#overflow-relevant-fields) object for your expression.
+It means that you must work with the [`evt.Overflow`](/expr/event.md#event-object--overflow) object for your expression.
 
 :::
 

crowdsec-docs/docusaurus.config.js

@@ -46,6 +46,9 @@ const backportRedirect = (s) => {
 
 /** @type {import('@docusaurus/types').DocusaurusConfig} */
 module.exports = {
+    future: {
+	experimental_faster: true,
+    },
     title: "CrowdSec",
     tagline:
         "CrowdSec - Real-time & crowdsourced protection against aggressive IPs",
@@ -259,6 +262,16 @@ module.exports = {
                     // Please change this to your repo.
                     editUrl:
                         "https://github.com/crowdsecurity/crowdsec-docs/edit/main/crowdsec-docs/",
+                    lastVersion: "current",
+                    versions: {
+                        "v1.6.0": {
+                            banner: "none",
+                            path: "/"
+                        },
+                        current: {
+                            path: "/next"
+                        }
+                    }
                 },
                 blog: {
                     showReadingTime: true,