upgrade RPM postinst

debian/postinst

@@ -36,10 +36,10 @@ else
 fi
 
 
-echo "If this is fresh install or you've installed the package maintainer's version of configuration"
-echo "Please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
-echo "Configuration can be autogenerated using crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml"
-echo "After configuration run the command 'systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
+echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
+echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
+echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
+echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version."
 
 if [ ${START} -eq 0 ] ; then
  echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add <bouncer_name>' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'"

rpm/SPECS/crowdsec-cloudflare-bouncer.spec

@@ -57,32 +57,44 @@ START=0
 
 systemctl is-active --quiet crowdsec
 
-if [ "$?" -eq "0" ] ; then
- START=1
- echo "cscli/crowdsec is present, generating API key"
- unique=`date +%s`
- API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}`
- if [ $? -eq 1 ] ; then
- echo "failed to create API token, service won't be started."
- START=0
- API_KEY="<API_KEY>"
- else
- echo "API Key : ${API_KEY}"
+if [ "$1" == "1" ] ; then
+ type cscli > /dev/null
+ if [ "$?" -eq "0" ] ; then
+ must_generate=$(grep -s '${API_KEY}' /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml | wc -l)
+ if [ "$must_generate" -eq "1" ] ; then
+ START=1
+ echo "cscli/crowdsec is present, generating API key"
+ unique=`date +%s`
+ API_KEY=`sudo cscli -oraw bouncers add cloudflareBouncer-${unique}`
+ if [ $? -eq 1 ] ; then
+ echo "failed to create API token, service won't be started."
+ START=0
+ API_KEY="<API_KEY>"
+ else
+ echo "API Key : ${API_KEY}"
+ fi
+ TMP=`mktemp -p /tmp/`
+ cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
+ API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
+ rm ${TMP}
+ else
+ echo "Not generating API key because already present"
+ fi
  fi
+else
+ START=1
 fi
 
-TMP=`mktemp -p /tmp/`
-cp /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml ${TMP}
-API_KEY=${API_KEY} envsubst < ${TMP} > /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml
-rm ${TMP}
+
+echo "If this is fresh install or you've installed the package maintainer's version of configuration, please configure '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
+echo "Configuration can be autogenerated using 'sudo crowdsec-cloudflare-bouncer -g <CF_TOKEN_1>,<CF_TOKEN_2> -o /etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'."
+echo "After configuration run the command 'sudo systemctl start crowdsec-cloudflare-bouncer.service' to start the bouncer"
+echo "Don't forget to (re)generate CrowdSec API key if it is installed on another server or/and if you have upgraded and installed the package maintainer's version."
 
 if [ ${START} -eq 0 ] ; then
  echo "no api key was generated, you can generate one on your LAPI Server by running 'cscli bouncers add <bouncer_name>' and add it to '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml'"
 fi
 
-echo "please enter your Cloudflare account ID and Token path in '/etc/crowdsec/bouncers/crowdsec-cloudflare-bouncer.yaml' and start the bouncer via 'sudo systemctl start crowdsec-cloudflare-bouncer' "
-
-
 
 %changelog
 * Fri Sep 10 2021 Kevin Kadosh <kevin@crowdsec.net>