From c4f6aab0116ee5d8bb04dd756f6bba81e30bebbd Mon Sep 17 00:00:00 2001
From: rohow <rohow@foxmail.com>
Date: Fri, 22 Nov 2024 17:35:52 +0800
Subject: [PATCH] =?UTF-8?q?feat(crowdsec):=20=E5=B0=86ip=E7=BC=93=E5=AD=98?=
 =?UTF-8?q?=E8=B0=83=E6=95=B4=E4=B8=BA3s=20=E4=BB=A5=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E6=8B=A6=E6=88=AA=E6=95=88=E7=8E=87?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 apps/infra/monitor/crowdsec/helmchart.yaml | 21 ++++++++++++++++++---
 apps/infra/net/nginx/helmchart.yaml        |  2 +-
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/apps/infra/monitor/crowdsec/helmchart.yaml b/apps/infra/monitor/crowdsec/helmchart.yaml
index fb85b30..b9e01b8 100644
--- a/apps/infra/monitor/crowdsec/helmchart.yaml
+++ b/apps/infra/monitor/crowdsec/helmchart.yaml
@@ -39,17 +39,32 @@ spec:
       persistentVolume:
         config:
           enabled: false
-    lapi:
+    appsec:
+      enabled: true
       affinity:
         nodeAffinity:
           preferredDuringSchedulingIgnoredDuringExecution:
-            - preference:
+            - weight: 1
+              preference:
+                matchExpressions:
+                  - key: topology.kubernetes.io/region
+                    operator: In
+                    values:
+                      - cn-hk
+      env:
+        - name: COLLECTIONS
+          value: "crowdsecurity/appsec-virtual-patching crowdsecurity/appsec-generic-rules"
+    lapi:
+      affinity:
+        nodeAffinity:
+          preferredDuringSchedulingIgnoredDuringExecution:
+            - weight: 1
+              preference:
                 matchExpressions:
                   - key: topology.kubernetes.io/region
                     operator: In
                     values:
                       - cn-hk
-              weight: 1
       resources:
         limits:
           memory: 200Mi
diff --git a/apps/infra/net/nginx/helmchart.yaml b/apps/infra/net/nginx/helmchart.yaml
index 2fa0398..4fa7c6c 100644
--- a/apps/infra/net/nginx/helmchart.yaml
+++ b/apps/infra/net/nginx/helmchart.yaml
@@ -123,7 +123,7 @@ spec:
             - name: MODE
               value: "live"
             - name: CACHE_EXPIRATION
-              value: "10"
+              value: "3"
             - name: REQUEST_TIMEOUT
               value: "1000"
             - name: CAPTCHA_PROVIDER