LUA Errors in swag logs with crowdsec mod

LSIO Discussion Container Support
1

I’m seeing some error lines in the logfile when I start swag (relevant excerpt below)

2024-08-07T16:43:52.650044127Z 	no file '/usr/local/lua/crowdsec/resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650046298Z 	no file './resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650048817Z 	no file '/usr/share/luajit-2.1/resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650050905Z 	no file '/usr/local/share/lua/5.1/resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650052951Z 	no file '/usr/local/share/lua/5.1/resty/openssl/x509/chain/init.lua'
2024-08-07T16:43:52.650055079Z 	no file '/usr/share/lua/5.1/resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650057056Z 	no file '/usr/share/lua/5.1/resty/openssl/x509/chain/init.lua'
2024-08-07T16:43:52.650059207Z 	no file '/usr/share/lua/common/resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650061196Z 	no file '/usr/share/lua/common/resty/openssl/x509/chain/init.lua'
2024-08-07T16:43:52.650063296Z 	no file './resty/openssl/x509/chain.lua'
2024-08-07T16:43:52.650065295Z 	no file './resty/openssl/x509/chain.so'
2024-08-07T16:43:52.650067176Z 	no file '/usr/local/lib/lua/5.1/resty/openssl/x509/chain.so'
2024-08-07T16:43:52.650069121Z 	no file '/usr/lib/lua/5.1/resty/openssl/x509/chain.so'
2024-08-07T16:43:52.650071061Z 	no file '/usr/local/lib/lua/5.1/loadall.so'
2024-08-07T16:43:52.650072984Z 	no file './resty.so'
2024-08-07T16:43:52.650074897Z 	no file '/usr/local/lib/lua/5.1/resty.so'
2024-08-07T16:43:52.650076913Z 	no file '/usr/lib/lua/5.1/resty.so'
2024-08-07T16:43:52.650078829Z 	no file '/usr/local/lib/lua/5.1/loadall.so'
2024-08-07T16:43:52.650080770Z stack traceback:
2024-08-07T16:43:52.650082832Z 	[C]: in function 'require'
2024-08-07T16:43:52.650084804Z 	/usr/share/lua/common/resty/http_connect.lua:15: in function </usr/share/lua/common/resty/http_connect.lua:14>
2024-08-07T16:43:52.650087040Z 	[C]: in function 'xpcall'
2024-08-07T16:43:52.650089035Z 	/usr/share/lua/common/resty/http_connect.lua:14: in main chunk
2024-08-07T16:43:52.650090960Z 	[C]: in function 'require'
2024-08-07T16:43:52.650092889Z 	/usr/share/lua/common/resty/http.lua:166: in main chunk
2024-08-07T16:43:52.650105335Z 	[C]: in function 'require'
2024-08-07T16:43:52.650108290Z 	/usr/local/lua/crowdsec/crowdsec.lua:5: in main chunk
2024-08-07T16:43:52.650110364Z 	[C]: in function 'require'
2024-08-07T16:43:52.650112312Z 	init_by_lua(http.d/crowdsec_nginx.conf:4):2: in main chunk
2024-08-07T16:43:52.650114296Z nginx: [error] [lua] crowdsec.lua:62: init(): error loading captcha plugin: no recaptcha site key provided, can't use recaptcha
2024-08-07T16:43:52.650116413Z nginx: [alert] [lua] crowdsec_nginx.conf:4):8: [Crowdsec] Initialisation done
2024-08-07T16:43:52.717155342Z Server ready

The container appears to be working OK, and crowdsec appears to be processing decisions.
I am running docker 27.1.1 on Ubuntu 24.04 and have tried recreated the container using the latest swag image.

My compose file (well Portainer stack) is as follows:

services:  
  swag:
    image: ghcr.io/linuxserver/swag:latest
    container_name: swag
    cap_add:
      - NET_ADMIN
    environment:
      - UID=1001
      - GUID=1001
      - TZ=Europe/London
      - URL=XXX
      - SUBDOMAINS=wildcard
      - VALIDATION=dns
      - DNSPLUGIN=cloudflare
      - EMAIL=XXX
      - PROPAGATION=120
      - ONLY_SUBDOMAINS=false
      - DOCKER_MODS=linuxserver/mods:swag-cloudflare-real-ip|linuxserver/mods:swag-auto-reload |linuxserver/mods:swag-crowdsec 
      - CROWDSEC_API_KEY=$CROWDSEC_API_KEY
      - CROWDSEC_LAPI_URL=http://crowdsec:8080
    volumes:
      - /docker/apps/swag:/config
      - /docker/logs/swag:/config/log
      - /docker/logs/suricata:/config/log/suricata
      - /nfs/nas1:/nas1:ro
    security_opt:
      - no-new-privileges=true
    ports:
      - 443:443 
      - 81:81
    restart: unless-stopped
    networks:
      mylan:


  crowdsec:
    image: docker.io/crowdsecurity/crowdsec:latest
    container_name: crowdsec
    environment:
      - GID=1000
      - COLLECTIONS=crowdsecurity/nginx crowdsecurity/http-cve
      - CUSTOM_HOSTNAME=XXX
    volumes:
      - /docker/apps/crowdsec/config:/etc/crowdsec:rw
      - /docker/apps/crowdsec/data:/var/lib/crowdsec/data:rw
      - /docker/logs/crowdsec:/var/log:rw
      - /docker/logs/swag/:/var/log/swag:ro
      - /var/log:/var/log/host:ro 
      - /docker/logs/authelia:/var/log/authelia:ro
      - /docker/logs/suricata:/var/log/suricata:ro
      - /docker/logs/vaultwarden:/var/log/vaultwarden:ro
      - /var/run:/var/run:ro
    networks:
      mylan:
    restart: unless-stopped
    security_opt:
      - no-new-privileges=false
    depends_on:
      - swag

networks:
  mylan:
    name: mylan
    external: true

So not sure it’s a major problem, but would like to try and resolve it if possible.

Thanks

2

this should be resolved in an updated build, can you update your container and try again? it was due to the crowdsec mod using a new version of lua but swag using an outdated version.

3

What version of the swag image do I need?

I’ve just pulled 2.11.0 and the problem is still there?

4

2.11.0-ls319 if the issue persists after this, it might be best to come on discord for support