CrowdSec Removal Script
This script safely removes CrowdSec from your Pangolin installation by cleaning up all related configurations and restarting the containers.
Supported Operating Systems
- Ubuntu
- Debian
- Rocky Linux
- RHEL (Red Hat Enterprise Linux)
- CentOS
- Fedora
What the script does
- Checks and installs dependencies automatically (Python 3, PyYAML, tar)
- Backs up all configuration files before making any changes (with timestamps)
- Stops all containers before making changes
- Removes CrowdSec service from
docker-compose.yml - Removes CrowdSec dependency from the Traefik service
- Removes CrowdSec plugin from
config/traefik/traefik_config.yml - Removes CrowdSec middlewares from
config/traefik/dynamic_config.yml - Removes Traefik log volume that was added for CrowdSec
- Reverts log format from JSON back to common format
- Validates all YAML files to ensure they’re syntactically correct
- Removes CrowdSec directories (with backup)
- Restarts containers with the updated configuration
Prerequisites
The script will automatically check for and install missing dependencies. If dependencies are missing and the script is not run as root, it will provide the exact commands needed to install them.
Required (automatically installed if missing):
- Python 3
- PyYAML (python3-yaml or python3-pyyaml)
- tar
Container Runtime (you must have one installed):
- Docker or Podman must already be installed
- Run from your Pangolin installation directory (where
docker-compose.ymlis located)
Usage
If dependencies are already installed (or running as root):
wget https://gist.githubusercontent.com/hhftechnology/42308d1cde1cbb691cdf181997db8e0b/raw/b1bb221d3d12d77b584c71ca0039f3583ebd7e82/remove-crowdsec.sh -O remove-crowdsec.sh
# Make the script executable
chmod +x remove-crowdsec.sh
# Run the script from your Pangolin installation directory
./remove-crowdsec.sh
If you need to install dependencies first:
The script will check and attempt to install dependencies automatically. If not running as root, it will tell you exactly what to install:
Ubuntu/Debian:
sudo apt-get update
sudo apt-get install -y python3 python3-yaml tar
./remove-crowdsec.sh
Rocky Linux/RHEL/CentOS/Fedora:
sudo dnf install -y python3 python3-pyyaml tar
./remove-crowdsec.sh
Running with automatic dependency installation (requires root):
# Run as root to allow automatic dependency installation
sudo ./remove-crowdsec.sh
What gets backed up
The script creates timestamped backups of:
docker-compose.yml.backup-YYYYMMDD-HHMMSSconfig/traefik/traefik_config.yml.backup-YYYYMMDD-HHMMSSconfig/traefik/dynamic_config.yml.backup-YYYYMMDD-HHMMSSconfig/crowdsec-backup-YYYYMMDD-HHMMSS.tar.gz(entire CrowdSec directory)
Restoring from backup
If something goes wrong, you can restore your configuration:
# Restore docker-compose.yml
cp docker-compose.yml.backup-YYYYMMDD-HHMMSS docker-compose.yml
# Restore traefik configs
cp config/traefik/traefik_config.yml.backup-YYYYMMDD-HHMMSS config/traefik/traefik_config.yml
cp config/traefik/dynamic_config.yml.backup-YYYYMMDD-HHMMSS config/traefik/dynamic_config.yml
# Restore CrowdSec directory
tar -xzf config/crowdsec-backup-YYYYMMDD-HHMMSS.tar.gz
# Restart containers
docker compose down
docker compose up -d
Validation
The script includes YAML validation using:
yamllint(if available)- Python’s
yamlmodule (fallback)
If validation fails, the script will:
- Show error messages
- Keep backups intact
- Exit without starting containers
Troubleshooting
Missing dependencies
Problem: Python 3 or PyYAML not installed and script not running as root
Solution:
The script will tell you exactly what to install. Run the suggested commands, then run the script again.
For Ubuntu/Debian:
sudo apt-get update
sudo apt-get install -y python3 python3-yaml tar
For Rocky Linux/RHEL/CentOS/Fedora:
sudo dnf install -y python3 python3-pyyaml tar
Unsupported distribution
Problem: Your Linux distribution is not supported
Solution:
Manually install Python 3 and PyYAML:
- Install Python 3 from your distribution’s package manager
- Install PyYAML:
pip3 install pyyamlor via your package manager
Script fails to detect container type
Problem: Neither docker nor podman found
Solution: Install Docker or Podman before running the script
YAML validation fails
Problem: Configuration files have syntax errors after modification
Solution:
- Check the error messages
- Restore from backups
- Report the issue with your specific configuration
Containers fail to start
Problem: Containers won’t start after CrowdSec removal
Solution:
# Check container logs
docker logs pangolin
docker logs traefik
# Verify configuration files are valid
docker compose config
# Restore from backup if needed
Permission denied
Problem: Script doesn’t have execute permissions
Solution:
chmod +x remove-crowdsec.sh
Files Modified
docker-compose.yml
- Removes
crowdsecservice - Removes
crowdsecdependency fromtraefikservice - Removes traefik log volume
./config/traefik/logs:/var/log/traefik
config/traefik/traefik_config.yml
- Removes
crowdsecplugin fromexperimental.plugins - Removes crowdsec middleware from entryPoints
- Changes log format from
jsonback tocommon - Removes
accessLogconfiguration
config/traefik/dynamic_config.yml
- Removes
crowdsecmiddleware definition - Removes
security-headersmiddleware (added by CrowdSec) - Removes
default-whitelistmiddleware (added by CrowdSec) - Removes crowdsec middleware references from all routers
Post-Removal
After running the script:
- Containers will be restarted automatically
- Traefik will no longer use CrowdSec for protection
- Access logs will no longer be generated in JSON format
- All CrowdSec-related middleware will be removed
Support
If you encounter issues:
- Check the backup files were created
- Review container logs for errors
- Verify all three YAML files are valid
- Restore from backups if necessary
Re-installing CrowdSec
If you want to reinstall CrowdSec later:
- Use the Pangolin installer’s CrowdSec installation option
- Or restore from the backup files created by this script