Skip to content

Commit

Permalink
Merge pull request #104 from crowdsecurity/fix_upgrade_process_pkg
Browse files Browse the repository at this point in the history
Generate API key when upgrade also
  • Loading branch information
AlteredCoder authored Jun 20, 2022
2 parents 5af435b + 5c1a2ab commit 4813a91
Show file tree
Hide file tree
Showing 2 changed files with 54 additions and 37 deletions.
43 changes: 24 additions & 19 deletions debian/postinst
Original file line number Diff line number Diff line change
Expand Up @@ -4,37 +4,42 @@ systemctl daemon-reload

START=0

if [ "$1" = "configure" ] && [ "$2" = "" ]; then
if [ "$1" = "configure" ]; then

type cscli

if [ "$?" -eq "0" ] ; then
START=1
echo "cscli/crowdsec is present, generating API key"
unique=`date +%s`
API_KEY=`cscli -oraw bouncers add CloudflareBouncer-${unique}`
if [ $? -eq 1 ] ; then
echo "failed to create API token, service won't be started."
START=0
API_KEY="<API_KEY>"
must_generate=$(grep -s '${API_KEY}' /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml | wc -l)
if [ "$must_generate" -eq "1" ] ; then
START=1
echo "cscli/crowdsec is present, generating API key"
unique=`date +%s`
API_KEY=`cscli -oraw bouncers add CloudflareBouncer-${unique}`
if [ $? -eq 1 ] ; then
echo "failed to create API token, service won't be started."
START=0
API_KEY='${API_KEY}'
else
echo "API Key : ${API_KEY}"
fi

TMP=`mktemp -p /tmp/`
cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
rm ${TMP}
else
echo "API Key : ${API_KEY}"
echo "Not generating API key because already present"
fi

TMP=`mktemp -p /tmp/`
cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
rm ${TMP}
fi
else
START=1
fi


echo "If this is fresh install or you've installed the package maintainer's version of configuration"
echo "Please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
echo "Configuration can be autogenerated using crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml"
echo "After configuration run the command 'systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version."

if [ ${START} -eq 0 ] ; then
echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add <bouncer_name>' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'"
Expand Down
48 changes: 30 additions & 18 deletions rpm/SPECS/crowdsec-cloudflare-bouncer.spec
Original file line number Diff line number Diff line change
Expand Up @@ -57,32 +57,44 @@ START=0

systemctl is-active --quiet crowdsec

if [ "$?" -eq "0" ] ; then
START=1
echo "cscli/crowdsec is present, generating API key"
unique=`date +%s`
API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}`
if [ $? -eq 1 ] ; then
echo "failed to create API token, service won't be started."
START=0
API_KEY="<API_KEY>"
else
echo "API Key : ${API_KEY}"
if [ "$1" == "1" ] ; then
type cscli > /dev/null
if [ "$?" -eq "0" ] ; then
must_generate=$(grep -s '${API_KEY}' /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml | wc -l)
if [ "$must_generate" -eq "1" ] ; then
START=1
echo "cscli/crowdsec is present, generating API key"
unique=`date +%s`
API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}`
if [ $? -eq 1 ] ; then
echo "failed to create API token, service won't be started."
START=0
API_KEY="<API_KEY>"
else
echo "API Key : ${API_KEY}"
fi
TMP=`mktemp -p /tmp/`
cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
rm ${TMP}
else
echo "Not generating API key because already present"
fi
fi
else
START=1
fi

TMP=`mktemp -p /tmp/`
cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
rm ${TMP}

echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version."

if [ ${START} -eq 0 ] ; then
echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add <bouncer_name>' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'"
fi

echo "please enter your Cloudflare account ID and Token path in '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml' and start the bouncer via 'sudo systemctl start crowdsec-cloudflare-bouncer' "



%changelog
* Fri Sep 10 2021 Kevin Kadosh <kevin@crowdsec.net>
Expand Down

0 comments on commit 4813a91

Please sign in to comment.