diff --git a/debian/postinst b/debian/postinst index 8775972..c69f293 100644 --- a/debian/postinst +++ b/debian/postinst @@ -4,37 +4,42 @@ systemctl daemon-reload START=0 -if [ "$1" = "configure" ] && [ "$2" = "" ]; then +if [ "$1" = "configure" ]; then type cscli if [ "$?" -eq "0" ] ; then - START=1 - echo "cscli/crowdsec is present, generating API key" - unique=`date +%s` - API_KEY=`cscli -oraw bouncers add CloudflareBouncer-${unique}` - if [ $? -eq 1 ] ; then - echo "failed to create API token, service won't be started." - START=0 - API_KEY="" + must_generate=$(grep -s '${API_KEY}' /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml | wc -l) + if [ "$must_generate" -eq "1" ] ; then + START=1 + echo "cscli/crowdsec is present, generating API key" + unique=`date +%s` + API_KEY=`cscli -oraw bouncers add CloudflareBouncer-${unique}` + if [ $? -eq 1 ] ; then + echo "failed to create API token, service won't be started." + START=0 + API_KEY='${API_KEY}' + else + echo "API Key : ${API_KEY}" + fi + + TMP=`mktemp -p /tmp/` + cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP} + API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml + rm ${TMP} else - echo "API Key : ${API_KEY}" + echo "Not generating API key because already present" fi - - TMP=`mktemp -p /tmp/` - cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP} - API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml - rm ${TMP} fi else START=1 fi -echo "If this is fresh install or you've installed the package maintainer's version of configuration" -echo "Please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'." -echo "Configuration can be autogenerated using crowdsec-cloudflare-bouncer -g , -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml" -echo "After configuration run the command 'systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer" +echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'." +echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g , -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'." +echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer" +echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version." if [ ${START} -eq 0 ] ; then echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add ' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'" diff --git a/rpm/SPECS/crowdsec-cloudflare-bouncer.spec b/rpm/SPECS/crowdsec-cloudflare-bouncer.spec index 33d2809..abb4c74 100644 --- a/rpm/SPECS/crowdsec-cloudflare-bouncer.spec +++ b/rpm/SPECS/crowdsec-cloudflare-bouncer.spec @@ -57,32 +57,44 @@ START=0 systemctl is-active --quiet crowdsec -if [ "$?" -eq "0" ] ; then - START=1 - echo "cscli/crowdsec is present, generating API key" - unique=`date +%s` - API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}` - if [ $? -eq 1 ] ; then - echo "failed to create API token, service won't be started." - START=0 - API_KEY="" - else - echo "API Key : ${API_KEY}" +if [ "$1" == "1" ] ; then + type cscli > /dev/null + if [ "$?" -eq "0" ] ; then + must_generate=$(grep -s '${API_KEY}' /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml | wc -l) + if [ "$must_generate" -eq "1" ] ; then + START=1 + echo "cscli/crowdsec is present, generating API key" + unique=`date +%s` + API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}` + if [ $? -eq 1 ] ; then + echo "failed to create API token, service won't be started." + START=0 + API_KEY="" + else + echo "API Key : ${API_KEY}" + fi + TMP=`mktemp -p /tmp/` + cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP} + API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml + rm ${TMP} + else + echo "Not generating API key because already present" + fi fi +else + START=1 fi -TMP=`mktemp -p /tmp/` -cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP} -API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml -rm ${TMP} + +echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'." +echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g , -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'." +echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer" +echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version." if [ ${START} -eq 0 ] ; then echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add ' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'" fi -echo "please enter your Cloudflare account ID and Token path in '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml' and start the bouncer via 'sudo systemctl start crowdsec-cloudflare-bouncer' " - - %changelog * Fri Sep 10 2021 Kevin Kadosh