diff options
Diffstat (limited to 'security/crowdsec/files/crowdsec.in')
| -rw-r--r-- | security/crowdsec/files/crowdsec.in | 48 |
1 files changed, 35 insertions, 13 deletions
diff --git a/security/crowdsec/files/crowdsec.in b/security/crowdsec/files/crowdsec.in index 59219b42aa19..04b7c02130f9 100644 --- a/security/crowdsec/files/crowdsec.in +++ b/security/crowdsec/files/crowdsec.in @@ -22,9 +22,9 @@ rcvar=crowdsec_enable load_rc_config $name -: ${crowdsec_enable:="NO"} -: ${crowdsec_config:="%%PREFIX%%/etc/crowdsec/config.yaml"} -: ${crowdsec_flags:=""} +: "${crowdsec_enable:=NO}" +: "${crowdsec_config:=%%PREFIX%%/etc/crowdsec/config.yaml}" +: "${crowdsec_flags:=}" pidfile=/var/run/${name}.pid required_files="$crowdsec_config" @@ -35,27 +35,49 @@ configtest_cmd="${name}_configtest" extra_commands="configtest reload" crowdsec_precmd() { - if [ ! -d %%PREFIX%%/etc/crowdsec/hub ]; then - %%PREFIX%%/bin/crowdsec-cli hub update || : + cs_cli() { + "%%PREFIX%%/bin/cscli" -c "${crowdsec_config}" "$@" + } + Config() { + cs_cli config show --key "Config.$1" + } + + HUB_DIR=$(Config ConfigPaths.HubDir) + if ! ls -1qA "$HUB_DIR/*" >/dev/null 2>&1; then + echo "Fetching hub inventory" + cs_cli hub update || : + fi + + if [ -z "$(cs_cli machines list -o raw)" ]; then + echo "Registering LAPI" + cs_cli machines add --auto || : fi - if [ -z "`%%PREFIX%%/bin/crowdsec-cli machines list -o raw`" ]; then - %%PREFIX%%/bin/crowdsec-cli machines add --auto || : + + CONFIG_DIR=$(Config ConfigPaths.ConfigDir) + if [ ! -s "${CONFIG_DIR}/online_api_credentials.yaml" ]; then + echo "Registering CAPI" + cs_cli capi register || : fi - if [ ! -s %%PREFIX%%/etc/crowdsec/online_api_credentials.yaml ]; then - %%PREFIX%%/bin/crowdsec-cli capi register || : + + cs_cli collections inspect crowdsecurity/linux >/dev/null || cs_cli collections install crowdsecurity/linux || : + + DATA_DIR=$(Config ConfigPaths.DataDir) + if [ ! -f "${DATA_DIR}/GeoLite2-City.mmdb" ]; then + echo "Installing GeoIP enricher" + cs_cli parsers install crowdsecurity/geoip-enrich || : fi } crowdsec_start() { - /usr/sbin/daemon -f -p ${pidfile} -t "${desc}" \ - ${command} -c ${crowdsec_config} ${crowdsec_flags} + /usr/sbin/daemon -f -p ${pidfile} -t "${desc}" -- \ + ${command} -c ${crowdsec_config} ${crowdsec_flags} } crowdsec_configtest() { - echo "Performing sanity check on ${name} configuration." - eval ${command} -c ${crowdsec_config} -t + echo "Performing sanity check on ${name} configuration." + eval ${command} -c ${crowdsec_config} -t } run_rc_command "$1" |