Hi all!

I'll try to be quick but I apologise first as I am pretty new to security stuff and my questions might be obvious to the more experts.

I have a VPS (hetzner) set up with docker, caddy for the reverse proxy, and authentik as the only login method for a couple of services (hedgedoc and forgejo). Since most of these has to be available and accessible on the internet, I also setup crowdsec and built caddy with the relevant bouncer. This allows crowdsec to inspect the caddy logs for all the services I am serving through it and act accordingly. Edit: all the services are in docker containers.

So far, so good. However, I also saw that crowdsec can directly monitor container logs with the docker integration or through container labels. Also, I saw a couple of collections on crowdsec hub specifically for Authentik and Gitea.

I feel I am missing something so my question are:

1. Would it be useful to monitor container logs given my setup or would it be redundant?
2. Should I add the app-specific collections, or would docker logs monitoring be enough?

::: spoiler My current crowdsec collections

---

• crowdsecurity/linux
• crowdsecurity/appsec-generic-rules
• crowdsecurity/caddy
• crowdsecurity/whitelist-good-actors
• crowdsecurity/http-cve
• crowdsecurity/iptables :::

Edit: bonus question, does someone know if the Gitea collection would be useful for Forgejo after it being a hard-fork now?

As per title, I just finished Andor. I always wanted to read some star wars comics (years ago I read the Marvel's Vader series). I would love to read some good comics or storyarcs if anybody has any advice.

I would prefer something not focus on the skywalkers but that expands on the general story and lore, I was looking at Doctor Aphra, but not sure if it's good or not.

Thanks!